From 56b966829dada84df07674a8cf073cb69130fd19 Mon Sep 17 00:00:00 2001
From: KonstantinKondrashov <konstantin@espressif.com>
Date: Thu, 18 May 2023 17:17:04 +0800
Subject: [PATCH] docs: update CN trans for flash-encryption

---
 docs/en/security/flash-encryption.rst    | 7 ++++++-
 docs/zh_CN/security/flash-encryption.rst | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/docs/en/security/flash-encryption.rst b/docs/en/security/flash-encryption.rst
index 2425523809..db7671adea 100644
--- a/docs/en/security/flash-encryption.rst
+++ b/docs/en/security/flash-encryption.rst
@@ -74,7 +74,12 @@ The flash encryption operation is controlled by various eFuses available on {IDF
          - If set, disables flash decryption while running in UART Firmware Download mode.
          - 1
        * - ``{IDF_TARGET_CRYPT_CNT}``
-         - Enables/disables encryption at boot time. If even number of bits set (0, 2, 4, 6) - encrypt flash at boot time. If odd number of bits set (1, 3, 5, 7) - do not encrypt flash at boot time.
+         - A :math:`2^n` number that indicating whether the contents of flash have been encrypted.
+
+           * If an odd number of bits are set (e.g., ``0b0000001`` or ``0b0000111``), this indicates the contents of flash are encrypted. The contents will need to be transparently decrypted when read.
+           * If an even number of bits are set (e.g., ``0b0000000`` or ``0b0000011``), this indicates the contents of flash are unencrypted (i.e., plain text).
+
+           With each successive unencrypted flash update (e.g., flashing a new unencrypted binary) and encryption of the flash (via the :ref:`Enable flash encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>` option), the next MSB of ``{IDF_TARGET_CRYPT_CNT}`` is set.
          - 7
 
 
diff --git a/docs/zh_CN/security/flash-encryption.rst b/docs/zh_CN/security/flash-encryption.rst
index 569efb8e2e..8ebfd9bb8b 100644
--- a/docs/zh_CN/security/flash-encryption.rst
+++ b/docs/zh_CN/security/flash-encryption.rst
@@ -74,7 +74,12 @@ flash 加密操作由 {IDF_TARGET_NAME} 上的多个 eFuse 控制。以下是这
          - 设置后，在 UART 固件下载模式运行时禁用 flash 解密操作。
          - 1
        * - ``{IDF_TARGET_CRYPT_CNT}``
-         - 在启动时启用/禁用加密。如果设置了偶数个比特位 (0、2、4、6)，则在启动时加密 flash。如果设置了奇数个比特位 (1、3、5、7)，则在启动时不加密 flash。
+         - 通过 :math:`2^n` 数字来表示 flash 的内容是否已被加密.
+
+           * 如果设置了奇数个比特位（例如 ``0b0000001`` 或 ``0b0000111``）, 表示 flash 的内容已加密。读取时，内容需要进行透明解密。
+           * 如果设置了偶数个比特位（例如 ``0b0000000`` 或 ``0b0000011``）, 表示 flash 的内容未被加密 (即明文)。
+
+           随着每次连续的 flash 未加密（例如烧录一个新的未加密二进制文件）与进行 flash 加密（通过 :ref:`启动时启用 flash 加密功能 <CONFIG_SECURE_FLASH_ENC_ENABLED>` 选项）, ``{IDF_TARGET_CRYPT_CNT}`` 的下一个的最高有效位 (MSB) 会被设置。
          - 7