diff --git a/components/bootloader_support/src/flash_encryption/flash_encrypt.c b/components/bootloader_support/src/flash_encryption/flash_encrypt.c
index 8a75cd2f11..6e9975588d 100644
--- a/components/bootloader_support/src/flash_encryption/flash_encrypt.c
+++ b/components/bootloader_support/src/flash_encryption/flash_encrypt.c
@@ -175,10 +175,12 @@ static esp_err_t check_and_generate_encryption_keys(void)
         if (tmp_has_key) { // For ESP32: esp_efuse_find_purpose() always returns True, need to check whether the key block is used or not.
             tmp_has_key &= !esp_efuse_key_block_unused(blocks[i]);
         }
+#if CONFIG_SECURE_FLASH_ENCRYPTION_AES256
         if (i == 1 && tmp_has_key != has_key) {
             ESP_LOGE(TAG, "Invalid efuse key blocks: Both AES-256 key blocks must be set.");
             return ESP_ERR_INVALID_STATE;
         }
+#endif
         has_key &= tmp_has_key;
     }