--- signimage/sign_image
+++ signimage/sign_image
@@ -397,10 +397,17 @@
 # needed                                                                           #
 #                                                                                  #
 ####################################################################################
+zero_blocks_in_hash=2K        # 2 blocks ./var/signature member + 2 blocks EoA marker
 if [ $(( ( copy_blocks + 2 ) % 20 )) -eq 0 ]; then
+  if [ "${YF_SIGNIMAGE_9K_WORKAROUND_METHOD}" == "ZERO_BLOCKS" ]; then
+    echo -e "Workarounding 9K problem by shortening the area \x1B[1m$hash_algo\x1B[0m-sum is computed over" 1>&2
+    zero_blocks_in_hash=1K    # 2 blocks ./var/signature member only
+    touch "$tmp/filler.bin"
+  else
 	echo -ne "Repeating first entry as filler ... " 1>&2
 	"$YF_SIGNIMAGE_DD" if="$image_file" of="$tmp/filler.bin" bs=512 count=1 status=none 2>/dev/null
 	show_ok
+  fi
 elif [ $(( copy_blocks % 8 )) -eq 5 ] || [ $(( copy_blocks % 8 )) -eq 6 ]; then
 	# Our signature would nearly fill the last 4K block and another error would get triggered
 	# (a tar file without proper EoA blocks is used by AVM, if in last 4K block only 1 or 0
@@ -421,6 +428,7 @@
 #                                                                                  #
 ####################################################################################
 "$YF_SIGNIMAGE_DD" if=/dev/zero of="$tmp/1K.bin" bs=512 count=2 status=none 2>/dev/null
+"$YF_SIGNIMAGE_DD" if=/dev/zero of="$tmp/2K.bin" bs=512 count=4 status=none 2>/dev/null
 ####################################################################################
 #                                                                                  #
 # generate the signature file                                                      #
@@ -432,7 +440,7 @@
 #                                                                                  #
 ##################################A#################################################
 echo -en "Signing the image hash (\x1B[1m$hash_algo\x1B[0m) with RSA key from \x1B[1m${name_prefix}.${private_extension}\x1B[0m ... " 1>&2
-"$YF_SIGNIMAGE_DD" if="$image_file" bs=512 count=$copy_blocks status=none 2>&1 | cat - "$tmp/filler.bin" "$tmp/1K.bin" "$tmp/1K.bin" |
+"$YF_SIGNIMAGE_DD" if="$image_file" bs=512 count=$copy_blocks status=none 2>&1 | cat - "$tmp/filler.bin" "$tmp/${zero_blocks_in_hash}.bin" |
 "$YF_SIGNIMAGE_OPENSSL" dgst -$hash_algo -sign "${name_prefix}.${private_extension}" -out "$tmp/var/signature" -passin "pass:$KEYPASSWORD"
 rc=$?
 if [ $rc -eq 0 ]; then