bootloder_support: esp32c3 only supports XTS-AES-128 flash encryption

components/bootloader_support/src/esp32c3/flash_encrypt.c

@@ -68,16 +68,7 @@ static esp_err_t initialise_flash_encryption(void)
     /* Before first flash encryption pass, need to initialise key & crypto config */
 
     /* Find out if a key is already set */
-    bool has_aes128 = ets_efuse_find_purpose(ETS_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY, NULL);
-    bool has_aes256_1 = ets_efuse_find_purpose(ETS_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_1, NULL);
-    bool has_aes256_2 = ets_efuse_find_purpose(ETS_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_2, NULL);
-
-    bool has_key = has_aes128 || (has_aes256_1 && has_aes256_2);
-
-    if (!has_key && (has_aes256_1 || has_aes256_2)) {
-        ESP_LOGE(TAG, "Invalid efuse key blocks: Both AES-256 key blocks must be set.");
-        return ESP_ERR_INVALID_STATE;
-    }
+    bool has_key = ets_efuse_find_purpose(ETS_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY, NULL);
 
     if (has_key) {
         ESP_LOGI(TAG, "Using pre-existing key in efuse");
@@ -85,15 +76,9 @@ static esp_err_t initialise_flash_encryption(void)
         ESP_LOGE(TAG, "TODO: Check key is read & write protected"); // TODO
     } else {
         ESP_LOGI(TAG, "Generating new flash encryption key...");
-#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_AES256
-        const unsigned BLOCKS_NEEDED = 2;
-        const ets_efuse_purpose_t PURPOSE_START = ETS_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_1;
-        const ets_efuse_purpose_t PURPOSE_END = ETS_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_2;
-#else
         const unsigned BLOCKS_NEEDED = 1;
         const ets_efuse_purpose_t PURPOSE_START = ETS_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY;
         const ets_efuse_purpose_t PURPOSE_END = ETS_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY;
-#endif
 
         if (ets_efuse_count_unused_key_blocks() < BLOCKS_NEEDED) {
             ESP_LOGE(TAG, "Not enough free efuse key blocks (need %d) to continue", BLOCKS_NEEDED);