mcuboot
bootutil: Fix device bricked after power failure during swap-move revert
This PR proposes a fix to https://github.com/mcu-tools/mcuboot/issues/1966, which describes a scenario where a device can be bricked if a revert process is interrupted when using swap-move.
As suggested in this message, a very straightforward fix might be enough. The latter is implemented in this PR.
The idea is to perform a revert no matter the state of the magic number in the secondary slot's trailer, provided the copy-done flag is set in the primary slot but the image-ok flag is not. The copy-done flag is set only after having completed an upgrade or revert process, so if the copy-done flag is set but the image-ok flag is unset, it is guaranteed an upgrade has been performed but the new image has not been confirmed, which implies a revert is needed.
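A compact model of the swap-type decision the description above relies on, added here as an illustration; it is not MCUboot's own code, and the enum names, the three table rows and their first-match ordering are simplified assumptions. It contrasts the pre-fix revert row (secondary magic must be UNSET) with the one proposed here (ANY) on a constructed interrupted-revert trailer state.

```c
#include <stdbool.h>
#include <stddef.h>

/* Trailer field states, modelled on MCUboot's BOOT_MAGIC_* / BOOT_FLAG_*
 * (assumption: a simplified model, not the project's own definitions). */
enum magic { MAGIC_UNSET, MAGIC_GOOD, MAGIC_BAD, MAGIC_ANY };
enum flag  { FLAG_UNSET, FLAG_SET, FLAG_ANY };
enum swap  { SWAP_NONE, SWAP_TEST, SWAP_PERM, SWAP_REVERT };

struct trailer { enum magic magic; enum flag image_ok; enum flag copy_done; };

/* One row of the swap decision table; ANY fields are wildcards. */
struct rule {
    enum magic magic_pri, magic_sec;
    enum flag image_ok_pri, image_ok_sec, copy_done_pri;
    enum swap type;
};

static bool magic_ok(enum magic want, enum magic have) { return want == MAGIC_ANY || want == have; }
static bool flag_ok(enum flag want, enum flag have)    { return want == FLAG_ANY || want == have; }

/* First matching row wins. `revert_sec_magic` is what the revert row demands
 * of the secondary slot's magic: MAGIC_UNSET (before) or MAGIC_ANY (this PR). */
enum swap swap_type(struct trailer pri, struct trailer sec, enum magic revert_sec_magic)
{
    const struct rule rules[] = {
        { MAGIC_ANY,  MAGIC_GOOD,       FLAG_ANY,   FLAG_UNSET, FLAG_ANY, SWAP_TEST   },
        { MAGIC_ANY,  MAGIC_GOOD,       FLAG_ANY,   FLAG_SET,   FLAG_ANY, SWAP_PERM   },
        { MAGIC_GOOD, revert_sec_magic, FLAG_UNSET, FLAG_ANY,   FLAG_SET, SWAP_REVERT },
    };
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++) {
        const struct rule *r = &rules[i];
        if (magic_ok(r->magic_pri, pri.magic) && magic_ok(r->magic_sec, sec.magic) &&
            flag_ok(r->image_ok_pri, pri.image_ok) && flag_ok(r->image_ok_sec, sec.image_ok) &&
            flag_ok(r->copy_done_pri, pri.copy_done))
            return r->type;
    }
    return SWAP_NONE;  /* no row matched: boot the primary slot as-is */
}

/* Constructed scenario: an unconfirmed upgrade sits in the primary slot
 * (copy-done set, image-ok unset) and a revert was interrupted while the
 * secondary trailer's magic was being rewritten, leaving it neither UNSET
 * nor GOOD. Pre-fix this yields SWAP_NONE; with the fix, SWAP_REVERT. */
enum swap interrupted_revert(bool with_fix)
{
    struct trailer pri = { MAGIC_GOOD, FLAG_UNSET, FLAG_SET };
    struct trailer sec = { MAGIC_BAD,  FLAG_UNSET, FLAG_UNSET };
    return swap_type(pri, sec, with_fix ? MAGIC_ANY : MAGIC_UNSET);
}
```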
That looks good to me but perhaps I missed some corner cases that would justify that BOOT_MAGIC_UNSET was used instead of BOOT_MAGIC_ANY. @utzig @d3zd3z do you have any input on that point?
Fixes #1966