diff --git a/sys/netipsec/ipsec.c b/sys/netipsec/ipsec.c
index 1eb0f6ab05f4..bbbe0cec913e 100644
--- a/sys/netipsec/ipsec.c
+++ b/sys/netipsec/ipsec.c
@@ -1922,6 +1922,8 @@ xform_init(struct secasvar *sav, int xftype)
 {
 	struct xformsw *xsp;
 
+	if (sav->tdb_xform != NULL)	/* previously initialized */
+		return 0;
 	for (xsp = xforms; xsp; xsp = xsp->xf_next)
 		if (xsp->xf_type == xftype)
 			return (*xsp->xf_init)(sav, xsp);
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c
index de0362ef3ba1..9e6e09b2fa9b 100644
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@@ -2751,13 +2751,24 @@ key_delsav(sav)
 	if (__LIST_CHAINED(sav))
 		LIST_REMOVE(sav, chain);
 
+	/*
+	 * Cleanup xform state. Note that zeroize'ing causes the
+	 * keys to be cleared; otherwise we must do it ourself.
+	 */
+	if (sav->tdb_xform != NULL) {
+		sav->tdb_xform->xf_zeroize(sav);
+		sav->tdb_xform = NULL;
+	} else {
+		if (sav->key_auth != NULL)
+			bzero(_KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));
+		if (sav->key_enc != NULL)
+			bzero(_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc));
+	}
 	if (sav->key_auth != NULL) {
-		bzero(_KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));
 		KFREE(sav->key_auth);
 		sav->key_auth = NULL;
 	}
 	if (sav->key_enc != NULL) {
-		bzero(_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc));
 		KFREE(sav->key_enc);
 		sav->key_enc = NULL;
 	}
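Review bot: The added early return in `xform_init` reports success for an already-initialized SA without checking that the installed xform matches the requested `xftype`, so a second call with a different type would silently keep the old xform while the caller believes the new one was set up. Since `struct xformsw` carries `xf_type` (it is compared in the loop just below), the guard can verify it: `if (sav->tdb_xform != NULL) return (sav->tdb_xform->xf_type == xftype) ? 0 : EINVAL;` — assuming the function follows the errno-style return convention that its `xf_init` passthrough suggests. The body of `xform_init` continues past the hunk, including whatever is returned when no xform matches.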
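Review bot: The two `bzero()` calls that scrubbed `key_auth` and `key_enc` right before `KFREE()` are removed, so clearing the key material now depends on every xform's `xf_zeroize` honoring the contract stated in the new comment; an xform whose zeroize forgets the SA keys leaves them in freed memory, and nothing in `key_delsav` can detect that. Zeroizing twice is harmless, so keeping `bzero(_KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));` and `bzero(_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc));` unconditionally inside their `KFREE` blocks (and dropping the new `else` branch) removes that dependency at negligible cost. If the tree provides a zeroing primitive that is guaranteed not to be optimized out, prefer it for key buffers; whether the kernel `bzero` gives that guarantee is not visible from this hunk. `key_delsav` starts before and continues after this hunk.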