secure_boot_v2: fix issue in pre-flashed digest (manual) workflow

This commit fixes issue where empty (unprogrammed) digest slot out of
multiple supported (e.g. 3 for ESP32-C3) could cause issue in
workflow enablement process.

Notes:

1. This issue was applicable for chips supporting "secure-boot-v2"
scheme with multiple digests slots
2. This issue was affecting only manual workflow, where digest of
public was pre-flashed in efuse
3. Change in "flash_encrypt.c" is only for additional safety purpose

components/bootloader_support/src/flash_encryption/flash_encrypt.c

@@ -104,7 +104,8 @@ static esp_err_t check_and_generate_encryption_keys(void)
 #endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES256
 #endif // CONFIG_IDF_TARGET_ESP32
 
-    esp_efuse_block_t blocks[BLOCKS_NEEDED];
+    /* Initialize all efuse block entries to invalid (max) value */
+    esp_efuse_block_t blocks[BLOCKS_NEEDED] = {[0 ... BLOCKS_NEEDED-1] = EFUSE_BLK_KEY_MAX};
     bool has_key = true;
     for (unsigned i = 0; i < BLOCKS_NEEDED; i++) {
         bool tmp_has_key = esp_efuse_find_purpose(purposes[i], &blocks[i]);