Forbid transition from INS_BLIND to INS_VALIDATE(P1=2) directly

[niooss-ledger]

When signing a Monero transaction, the state machine of the APDU is expected to behave like this:

• ...
• INS=INS_BLIND (possibly repeated)
• INS=INS_VALIDATE, P1=1, P2=1 => call monero_apdu_mlsag_prehash_init() that updates some hashes and asks the user to validate the fee
• INS=INS_VALIDATE, P1=1, P2=2
• INS=INS_VALIDATE, P1=1, P2=3
• ...
• INS=INS_VALIDATE, P1=2, P2=1
• INS=INS_VALIDATE, P1=2, P2=2
• ...

Because of the way the transition from INS_BLIND is verified, it is currently possible to skip INS=INS_VALIDATE, P1=1 by sending INS=INS_VALIDATE, P1=2, P2=1 direcly. This makes the transaction signing fail later, because some hash states did not get reset properly, so this would not have any impact from a security perspective. Nevertheless, removing this unexpected transition makes working on the state machine easier.

[grydz]

Thanks for the fix it has been tested successfully.