diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index ed56824e..8ed428fb 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -2078,6 +2078,9 @@ static int pki_signature_from_ecdsa_blob(UNUSED_PARAM(const ssh_key pubkey),
         return SSH_ERROR;
     }
 
+    /* The buffer will contain sensitive information. Make sure it is erased */
+    ssh_buffer_set_secure(buf);
+
     rc = ssh_buffer_add_data(buf,
                              ssh_string_data(sig_blob),
                              ssh_string_len(sig_blob));
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c
index 8aec75e9..ee087e42 100644
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -1846,6 +1846,8 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
                     ssh_signature_free(sig);
                     return NULL;
                 }
+                /* The buffer will contain sensitive information. */
+                ssh_buffer_set_secure(b);
 
                 rc = ssh_buffer_add_data(b,
                                          ssh_string_data(sig_blob),