You need to pad additional 1024 dummy bytes (as a worst case) at the end of the secure bootstream to ensure that the host is able to send all the bytes of an application to the Slave boot processor.