It's possible esp_encrypted_img_decrypt_end() could be called
without any decryption done. E.g. If firmware was going to
be installed there was a network failure that cancelled it.
So rsa_pem should be free'd there too.
Note: freeing a NULL pointer is a no-op
This moves the gcm_key and iv to the esp_encrypted_img_handle,
which is only an additional 48 bytes, and avoids a bunch
of extra error checking & deallocation logic.
got_auth is also allocated on the stack since it's only 16 bytes
Replaces esp_decrypt_handle_t* parameters with esp_encrypted_handle_t,
esp_encrypted_handle_t is a void*, esp_decrypt_handle_t* is void**
which is incorrect and produces compiler errors when used in C++.