This section describes the algorithm used to pad clear text when the PKCS-PAD method is specified. Padding is applied before encryption when this keyword is specified with the Symmetric Algorithm Encipher callable service, and it is removed from decrypted data when the keyword is specified with the Symmetric Algorithm Decipher callable service.
Value of clear text length (mod 16) | Number of padding bytes added | Value of each padding byte |
---|---|---|
0 | 16 | 0x10 |
1 | 15 | 0x0F |
2 | 14 | 0x0E |
3 | 13 | 0x0D |
4 | 12 | 0x0C |
5 | 11 | 0x0B |
6 | 10 | 0x0A |
7 | 9 | 0x09 |
8 | 8 | 0x08 |
9 | 7 | 0x07 |
10 | 6 | 0x06 |
11 | 5 | 0x05 |
12 | 4 | 0x04 |
13 | 3 | 0x03 |
14 | 2 | 0x02 |
15 | 1 | 0x01 |
Note that the PKCS standards that define this padding method describe it in a way that limits the maximum padding length to 8 bytes. This is a consequence of the fact that the algorithms at that time used 8-byte blocks. We extend the definition to apply to 16-byte AES cipher blocks.