Always allow U2F attestation from v1 gNubbies.

These devices are obsolete and undocumented. We can't parse the reply
from them to replace the attestation so registration always fails when
replacement is needed.

Rather than fail, this change allows v1 devices to return their reply
unaltered so that accounts.google.com can tell the user that they need
to reflash the device.

Change-Id: Ic3b41210bc7d167b9fe5b9285946b9a9b834d0f8
Reviewed-on: https://chromium-review.googlesource.com/c/1302702Reviewed-by: Martin Kreichgauer <martinkr@chromium.org>
Commit-Queue: Adam Langley <agl@chromium.org>
Cr-Commit-Position: refs/heads/master@{#603631}

chrome/browser/resources/cryptotoken/enroller.js

@@ -410,6 +410,17 @@ function handleU2fEnrollRequest(messageSender, request, sendResponse) {
       }));
     }
 
+    var decodedRegistrationData =
+        new ByteString(decodeWebSafeBase64ToArray(registrationData));
+    var magicValue = decodedRegistrationData.getBytes(1);
+    if (magicValue[0] == 4) {
+      // This is a gNubby with obsolete firmware. We can't parse the reply from
+      // this device and users need to be guided to reflashing them. Therefore
+      // let attestation data pass directly so that can happen on
+      // accounts.google.com.
+      isDirect = true;
+    }
+
     if (isDirect) {
       return registrationData;
     }