With PKCS padding there are always between 1 and 16 padding bytes added (for AES). The value of the padding bytes is equal to the number of padding bytes added, so if one padding byte has been added then the value "0x01" will be added, for two padding bytes then "0x0202" will be added, for three "0x030303", and so on.
Where the plaintext length is a multiple of the block length, then you still need to add padding, and in this case the padding will be an entire block's worth. If you think about it, if the scheme did not always add at least one byte of padding, how would you know if the final byte was a "real" byte, or a "padding byte"?

Matt

On 4 January 2013 14:33, Roar Lien <[email protected]> wrote:
> Hi,
>
> I am experiencing an issue that has to do with the PKCS padding. I am
> using AES with CBC mode. When padding is enabled and the plain text buffer
> size is a multiple of the block size, the call to ‘EVP_EncryptFinal_ex()’
> adds an entire extra block to the cipher text. If the input is a multiple
> of the block size, then why is padding still being added?
>
> - Roar
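
The padding rule from the reply above, as an added stand-alone C example (not part of the original thread and not OpenSSL's code). The helper names `pkcs_pad` and `pkcs_unpad` are hypothetical, and the sample block is constructed; it shows a block-aligned input gaining a full block and what a receiver would do if that block were omitted.

```c
#include <stdio.h>
#include <string.h>

#define BLOCK 16 /* AES block size in bytes */

/* Hypothetical helper: append PKCS padding. out needs len + BLOCK bytes. */
size_t pkcs_pad(const unsigned char *in, size_t len, unsigned char *out)
{
    size_t n = BLOCK - (len % BLOCK); /* 1..16, never 0 */
    memcpy(out, in, len);
    memset(out + len, (int)n, n);     /* each pad byte holds the count n */
    return len + n;
}

/* Hypothetical helper: return the plaintext length, or -1 if malformed.
   Illustrates the layout only; it is not constant-time. */
long pkcs_unpad(const unsigned char *buf, size_t len)
{
    if (len == 0 || len % BLOCK != 0)
        return -1;
    size_t n = buf[len - 1];          /* last byte says how many to strip */
    if (n < 1 || n > BLOCK)
        return -1;
    for (size_t i = len - n; i < len; i++)
        if (buf[i] != n)
            return -1;
    return (long)(len - n);
}

int main(void)
{
    unsigned char msg[BLOCK], out[2 * BLOCK]; /* constructed sample input */
    memset(msg, 'A', BLOCK);
    msg[BLOCK - 1] = 0x01;            /* real data byte that looks like padding */

    size_t padded = pkcs_pad(msg, BLOCK, out);
    printf("aligned input: %d -> %zu bytes, unpad gives %ld\n",
           BLOCK, padded, pkcs_unpad(out, padded));
    /* If no block were added, the receiver would strip the real 0x01. */
    printf("same input sent unpadded: unpad gives %ld\n",
           pkcs_unpad(msg, BLOCK));
    return 0;
}
```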
