diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3ec9273de9..fa6991e9fd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2684,34 +2684,41 @@ static psa_status_t psa_sign_verify_check_alg(int input_is_message,
 }
 /**
- * \brief Fill the unused part of the output buffer (the
- * whole buffer on error, the trailing part on
- * success) with something that isn't a valid
- * signature (barring an attack on the signature
- * and deliberately-crafted input), in case the
- * caller doesn't check the return status properly.
+ * \brief For output buffers which contain "tags"
+ * (outputs that may be checked for validity like
+ * Hashes, MACs and signatures), fill the unused
+ * part of the output buffer (the whole buffer on
+ * error, the trailing part on success) with
+ * something that isn't a valid tag (barring an
+ * attack on the tag and deliberately-crafted
+ * input), in case the caller doesn't check the
+ * return status properly.
 *
 * \param output_buffer pointer to buffer to wipe. May not be NULL
 * unless \p output_buffer_size is zero.
 * \param status status of function called to generate
 * output_buffer originally
 * \param output_buffer_size Size of output buffer. If zero, \p output_buffer
- * could be NULL
+ * could be NULL.
 * \param output_buffer_length Length of data written to output_buffer, must be
 * less than \p output_buffer_size
 */
-static void psa_wipe_output_buffer(uint8_t *output_buffer, psa_status_t status,
- size_t output_buffer_size, size_t output_buffer_length)
+static void psa_wipe_tag_output_buffer(uint8_t *output_buffer, psa_status_t status,
+ size_t output_buffer_size, size_t output_buffer_length)
 {
- if (status == PSA_SUCCESS) {
- memset(output_buffer + output_buffer_length, '!',
- output_buffer_size - output_buffer_length);
- } else if (output_buffer_size > 0) {
- memset(output_buffer, '!', output_buffer_size);
+ size_t offset = 0;
+
+ if (output_buffer_size == 0) {
+ /* If output_buffer_size is 0 then we have nothing to do. We must not
+ call memset because output_buffer may be NULL in this case */
+ return;
 }
- /* If output_buffer_size is 0 then we have nothing to do. We must
- * not call memset because output_buffer may be NULL in this
- * case.*/
+
+ if (status == PSA_SUCCESS) {
+ offset = output_buffer_length;
+ }
+
+ memset(output_buffer + offset, '!', output_buffer_size - offset);
 }
 static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key,
@@ -2776,8 +2783,8 @@ static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key,
 exit:
- psa_wipe_output_buffer(signature, status, signature_size,
- *signature_length);
+ psa_wipe_tag_output_buffer(signature, status, signature_size,
+ *signature_length);
 unlock_status = psa_unlock_key_slot(slot);
@@ -3293,8 +3300,8 @@ psa_status_t psa_sign_hash_complete(
 exit:
- psa_wipe_output_buffer(signature, status, signature_size,
- *signature_length);
+ psa_wipe_tag_output_buffer(signature, status, signature_size,
+ *signature_length);
 if (status != PSA_OPERATION_INCOMPLETE) {
 if (status != PSA_SUCCESS) {
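Review bot: The final `memset` in `psa_wipe_tag_output_buffer` takes its length from `output_buffer_size - offset`, which wraps to a huge `size_t` if a successful call ever reports `output_buffer_length` larger than `output_buffer_size`, turning the defensive wipe into an out-of-bounds write. Nothing in the function enforces the documented precondition; both call sites in this diff pass `*signature_length`, and whether that value is always bounded by `signature_size` is not visible here. A cheap guard is to accept the offset only when it is in range, `if (status == PSA_SUCCESS && output_buffer_length <= output_buffer_size) {`, so an inconsistent length falls back to wiping the whole buffer. The `\param output_buffer_length` text should also say "no greater than" instead of "less than", since an output that exactly fills the buffer is handled correctly (zero-length `memset`).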