diff --git a/pkcs11/yubihsm_pkcs11.c b/pkcs11/yubihsm_pkcs11.c
index 7947577d..cdaf0d2e 100644
--- a/pkcs11/yubihsm_pkcs11.c
+++ b/pkcs11/yubihsm_pkcs11.c
@@ -5717,7 +5717,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_DeriveKey)
     if(out_len > value_len) {
       // Truncate from the left
       memmove(ecdh_key.ecdh_key, ecdh_key.ecdh_key + out_len - value_len, value_len);
-      memset(ecdh_key.ecdh_key + value_len, 0, out_len - value_len);
       out_len = value_len;
     }
   }
@@ -5728,7 +5727,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_DeriveKey)
   memcpy(ecdh_key.label, label_buf, label_len);
   list_append(&session->ecdh_session_keys, &ecdh_key);
 
-  insecure_memzero(ecdh_key.ecdh_key, out_len);
+  insecure_memzero(ecdh_key.ecdh_key, sizeof(ecdh_key.ecdh_key));
 
   *phKey = ecdh_key.id;