ESP32 flash encryption on flash encryption disabled bootloader

[bipin_c@shoreline]

Hi all,
I am new to ESP32 development. i have few questions related to flash encryption.

Case 1-
let us say i flashed bootloader and application image on esp32 with flash encryption disabled.application image does the job of just downloading the new firmware from sever and reboots the device.here is the twist now.if the new downloaded image from server is flash encryption enabled image,will the bootloader do the flash encryption here and then boot to newly downloaded image?or it won't boot newly downloaded image as it has flash encryption enabled?

Case 2-
Lets say i decided to write custom bootloader(flash encryption enabled) which will download the firmware using wifi OTA,and then boot from the app.is it possible for anyone with bad intentions to hack the code?

Case 3-
If i decide to go with the option 3 mentioned in link "https://www.esp32.com/viewtopic.php?t=9994",(as i want to achieve the same goal mentioned on that link) how much efforts required for that?can i simply port OTA code in my bootloader which will download the new image from server and boot from it?how can i skip the "enable flash encryption" steps if there is no flash encryption key set in efuse yet(point 1 mentioned in option 3).Is this option practically implementable?if anyone has implemented it earlier,can i have reference to it?

i am asking this as i want to implement it for application in production and i want it to be fully secured.
Can someone please help on this.If you have any other secured option,it will be helpful.

Thanks

[WiFive]

1. Encryption won't work because it has to be compiled into the bootloader but the new app should still run without encryption.
2. Bootloader does not do OTA, it is only a small piece of code that runs from ram. You still need an initial app to do the ota.
3. Not hard but practically does not add much security.