Looking at the documentation , it seems that you, the library user, need to pave the data yourself. The documentation states that the block size for AES is always 16 bytes, so you need to strip the data to a multiple of 16 bytes.
How filling is performed depends on the type of data. For strings, the best approach is probably to encode a string for a particular encoding, and then the length of that encoding. Thus, you do not rely on all characters represented by 8-bit code:
plaintext = data.encode('utf-8') l = len(plaintext) ciphertext = cipher.encrypt(plaintext + ((16 - len%16) * PADDING_BYTE))
A similar approach will work when you are an array of data bytes.
0 should work fine, like PADDING_BYTE , but you need to take care to remove the padding when you decrypt the data. It might be worth specifying the length of the data in ciphertext, for example. before encrypting, add the length of the data in clear text, but then you need to jump over a few hoops to make sure that the filling is done correctly.
Edit : oh, yes, just like the RFC GregS references are mentioned, the standard way to handle the length problem is to use indentation length as pad byte. That is, if you need 6 bytes of padding, then the extra byte will be 0x06 . Note that if you do not need to fill in, you must add a whole block of fill bytes (16 bytes 0xa0 ) so that you can correctly recover the message.
liwp
source share