Revert "[nrf noup] boot: bootutil: Allow configuring number of KMU keys"

This reverts commit 373038b.

Signed-off-by: Tomasz Chyrowicz <[email protected]>

Author: tomchy

boot/bootutil/src/ed25519_psa.c

@@ -12,7 +12,6 @@
 
 #include <psa/crypto.h>
 #include <psa/crypto_types.h>
-#include <zephyr/sys/util.h>
 #if defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
 #include <cracen_psa_kmu.h>
 #endif
@@ -31,9 +30,7 @@ static psa_key_id_t kmu_key_ids[3] =  {
     MAKE_PSA_KMU_KEY_ID(228),
     MAKE_PSA_KMU_KEY_ID(230)
 };
-
-BUILD_ASSERT(CONFIG_BOOT_SIGNATURE_KMU_SLOTS <= ARRAY_SIZE(kmu_key_ids),
-	     "Invalid number of KMU slots, up to 3 are supported on nRF54L15");
+#define KMU_KEY_COUNT (sizeof(kmu_key_ids)/sizeof(kmu_key_ids[0]))
 #endif
 
 #if !defined(CONFIG_BOOT_SIGNATURE_USING_KMU)
@@ -108,7 +105,7 @@ int ED25519_verify(const uint8_t *message, size_t message_len,
 
     status = PSA_ERROR_BAD_STATE;
 
-    for (int i = 0; i < CONFIG_BOOT_SIGNATURE_KMU_SLOTS; ++i) {
+    for (int i = 0; i < KMU_KEY_COUNT; ++i) {
         psa_key_id_t kid = kmu_key_ids[i];
 
         status = psa_verify_message(kid, PSA_ALG_PURE_EDDSA, message,

boot/zephyr/Kconfig

@@ -398,18 +398,6 @@ config BOOT_SIGNATURE_USING_KMU
 	  MCUboot will use keys provisioned to the device key management unit for signature
 	  verification instead of compiling in key data from a file.
 
-if BOOT_SIGNATURE_USING_KMU
-
-config BOOT_SIGNATURE_KMU_SLOTS
-	int "KMU key slots"
-	range 1 3
-	default 1
-	help
-	  Selects the number of KMU key slots (also known as generations) to use when verifying
-	  an image.
-
-endif
-
 if !BOOT_SIGNATURE_USING_KMU
 
 config BOOT_SIGNATURE_KEY_FILE