diff --git a/src/libopensc/card-tcos.c b/src/libopensc/card-tcos.c
index 6fc1334d..85e663ac 100644
--- a/src/libopensc/card-tcos.c
+++ b/src/libopensc/card-tcos.c
@@ -559,11 +559,14 @@ static int tcos_compute_signature(sc_card_t *card, const u8 * data, size_t datal
 		memcpy(sbuf, data, datalen);
 		dlen=datalen;
 	} else {
-		size_t keylen= tcos3 ? 256 : 128;
+		size_t keylen = tcos3 ? 256 : 128;
+
+		if (datalen > keylen) {
+			SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_INVALID_ARGUMENTS);
+		}
+
 		sc_format_apdu(card, &apdu, keylen>255 ? SC_APDU_CASE_4_EXT : SC_APDU_CASE_4_SHORT, 0x2A,0x80,0x86);
 		for(i=0; i<sizeof(sbuf);++i) sbuf[i]=0xff;
-		if (keylen < datalen)
-			return SC_ERROR_INVALID_ARGUMENTS;
 		sbuf[0]=0x02; sbuf[1]=0x00; sbuf[2]=0x01; sbuf[keylen-datalen]=0x00;
 		memcpy(sbuf+keylen-datalen+1, data, datalen);
 		dlen=keylen+1;