u2f: accept short APDU

The ISO7816-4 standard for APDU format says the APDU header minimum size
is 4 bytes (CLA, INS, P1, P2). The Lc field is absent if the command has
no data.
Update the size check to accept short APDU (the actual APDU
len was already computed properly for this case).

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>

BRANCH=cr50
BUG=b:72788497
TEST=adhoc

Change-Id: Ic60fa51bd4746b04016c488a38fe3ae7585e9942
Reviewed-on: https://chromium-review.googlesource.com/1005345
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit 209f47b692bd74fc5afcfeaf0e713ceaa99b9932)
Reviewed-on: https://chromium-review.googlesource.com/1015617
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Commit-Queue: Vadim Bendebury <vbendeb@chromium.org>
(cherry picked from commit 5a6cef6a9311d827ddd49a3729d5870a0a24d8ba)
Reviewed-on: https://chromium-review.googlesource.com/1080313

1 files changed, 1 insertions, 1 deletions

diff --git a/common/u2f.c b/common/u2f.c
index e5b73efc8e..bca71aedf4 100644
--- a/common/u2f.c
+++ b/common/u2f.c
@@ -333,7 +333,7 @@ unsigned u2f_apdu_rcv(uint8_t *buf, unsigned in_len, unsigned max_len)
 
 	CPRINTF("%T/%d U2F APDU ", apdu.len);
 	/* Is the APDU well-formed including its payload ? */
-	if (in_len < 5 || (apdu.len > in_len - (apdu.data - buf))) {
+	if (in_len < 4 || (apdu.len > in_len - (apdu.data - buf))) {
 		sw = U2F_SW_WRONG_LENGTH;
 		goto ret_status;
 	}