Wrong length used in networkstatus_parse_detached_signatures

While fixing legacy/trac#14013 (moved), nikkolasg realized thatif we did in fact use != DIGEST256_LEN it caused a failure in the test:

    // XXX Should it not be always DIGEST256_LEN ? Running the tests with
    // the condition ` != DIGEST256_LEN` fails.
    if (base16_decode(digests->d[alg], DIGEST256_LEN,
                      hexdigest, strlen(hexdigest)) < 0) {

Turns out that alg here is actually sha1 thus of size DIGEST_LEN. The base16 decode is safe with a larger length but this check (just above in the code) could resolved in unwanted behavior:

    if (!tor_mem_is_zero(digests->d[alg], DIGEST256_LEN)) {

tor_mem_is_zero does make sure that the full length is zeroes thus here looking for 12 extra bytes out of bound to be 0... (DIGEST_LEN vs DIGEST256_LEN). The length we used should be set according to the algorithm in alg

Patch coming soon.