psa_cipher_decrypt CCM*: fix rejection of messages shorter than 3 bytes

[gilles-peskine-arm]

Found by Cryptofuzz. Fixes #9314.

Specification links:

• PSA_ALG_CCM_STAR_NO_TAG — note in particular “default IV length of 13”.
• psa_cipher_decrypt

PR checklist

Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")

• [x] changelog provided
• [ ] 3.6 backport TODO
• [x] 2.28 backport no (no CCM* in 2.28)
• [x] tests provided