diff --git a/src/main/java/com/ibm/crypto/plus/provider/AESCipher.java b/src/main/java/com/ibm/crypto/plus/provider/AESCipher.java
index 82bd13a40..6ebe8f6b9 100644
--- a/src/main/java/com/ibm/crypto/plus/provider/AESCipher.java
+++ b/src/main/java/com/ibm/crypto/plus/provider/AESCipher.java
@@ -86,6 +86,12 @@ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[]
         checkCipherInitialized();
 
         try {
+            int outputSize = engineGetOutputSize(inputLen);
+            if ((output == null) || ((output.length - outputOffset) < outputSize)) {
+                throw new ShortBufferException(
+                        "Output buffer must be " + "(at least) " + outputSize + " bytes long");
+            }
+
             if (use_z_fast_command) {
                 int encryptedData = engineUpdate(input, inputOffset, inputLen, output,
                         outputOffset);
diff --git a/src/test/java/ibm/jceplus/junit/base/BaseTestAESInterop.java b/src/test/java/ibm/jceplus/junit/base/BaseTestAESInterop.java
index 9e27f27d6..328fcd80d 100644
--- a/src/test/java/ibm/jceplus/junit/base/BaseTestAESInterop.java
+++ b/src/test/java/ibm/jceplus/junit/base/BaseTestAESInterop.java
@@ -26,6 +26,7 @@
 import javax.crypto.spec.SecretKeySpec;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.junit.jupiter.api.Assertions.fail;
 
@@ -175,23 +176,26 @@ public void testAES_OFB_NoPadding() throws Exception {
 
     @Test
     public void testAESShortBuffer() throws Exception {
-        doTestAESShortBuffer("AES", getProviderName());
-        doTestAESShortBuffer("AES", getInteropProviderName());
+        String msg = doTestAESShortBuffer("AES", getProviderName());
+        String interopMsg = doTestAESShortBuffer("AES", getInteropProviderName());
+        assertEquals(msg, interopMsg);
     }
 
-    private void doTestAESShortBuffer(String algorithm, String providerA) throws Exception {
+    private String doTestAESShortBuffer(String algorithm, String providerA) throws Exception {
+        String msg = null;
         try {
             // Test AES Cipher
-            cpA = Cipher.getInstance(algorithm, getProviderName());
+            cpA = Cipher.getInstance(algorithm, providerA);
 
             // Encrypt the plain text
             cpA.init(Cipher.ENCRYPT_MODE, key);
             byte[] cipherText = new byte[5];
             cpA.doFinal(plainText, 0, plainText.length, cipherText);
-            fail("Expected ShortBufferException did not occur");
+            fail("Expected ShortBufferException did not occur for provider: " + providerA);
         } catch (ShortBufferException ex) {
-            assertTrue(true);
+            msg = ex.getMessage();
         }
+        return msg;
     }
 
     @Test