Updater - fixed signature verification for compressed binaries (#9109)

Previously, Arduino Core attempted to read from flash memory without proper consideration for the 4-byte alignment requirement when calculating the hash for the signature verification. This did not present an issue when uncompressed binaries are checked as all compiled binaries are 4-aligned (unconfirmed, just an educated guess), and signature verification appears to work well in these cases.

When uploading a compressed binary (based on this) the gzip algorithm makes no attempt to produce a 4-aligned file. The rest of the signing results in a valid signed binary regardless, however when calculating the hash for the verification process there is a ~75% chance that the hash will include some bytes from the signature, thus compromising the whole signature verification process.

editorial note: ESP.flashRead for u8 arrays (aka byte arrays) was already updated to properly handle both aligned and unaligned target buffer and / or length, while u32 expects that its arguments are already aligned. Since array pointer in Updater is already aligned, this properly handles unaligned size case.

Author: bakadave

cores/esp8266/Updater.cpp

@@ -284,7 +284,7 @@ bool UpdaterClass::end(bool evenIfRemaining){
     _hash->begin();
     for (uint32_t offset = 0; offset < binSize; offset += sizeof(buff)) {
       auto len = std::min(sizeof(buff), binSize - offset);
-      ESP.flashRead(_startAddress + offset, reinterpret_cast<uint32_t *>(&buff[0]), len);
+      ESP.flashRead(_startAddress + offset, buff, len);
       _hash->add(buff, len);
     }
     _hash->end();