This example shows how to create a boot image with authentication enabled for FSBL and the application with boot header authentication enabled to bypass the PPK hash verification:
the_ROM_image:
{
[auth_params] ppk_select=0; spk_id=0x00000000
[pskfile] PSK.pem
[sskfile] SSK.pem
[
bootloader,
authentication=rsa,
destination_cpu=a53-0
] ZynqMP_Fsbl.elf
[destination_cpu=a53-0, authentication=aes] App_A53_0.elf
}