Thanks. I understood the situation.

Please close this topic.]]>

Most AES mode require the input to be multiples of block size (16 bytes). TLS handles padding for block size. You should be able to pad with zeros if you want as long as the input is a multiple of 16 bytes. The resulting output will be the same length as the input. The decrypted text on the other side will have the padding and be a multiple of the block size. Most padding scheme use a length and known pad character. If you want to use AES and not worry about padding, I'd recommend AES GCM, which is an authentication cipher (wc_AesGcmEncrypt / wc_AesGcmDecrypt) and allows for any size input.

Thanks,

David Garske, wolfSSL

I am trying to use wc_AesCbcEncryptWithKey() and wc_AesCbcDecryptWithKey() for encrypt/decrypt data with AES128 CBC algorithm.

The function wc_AesCbcDecryptWithKey() has no ouput parameter for decrypt data length. So, when the plain text length is not multiple of 16, how can I know the exact decrypt data length?

I tried to use memset() for initialing decrypt buffer as all 0, then expect getting the exact decrypt length by strlen(). But I am failed. In decrypt buffer, after real plain text data, the padding are some abnormal data, not all 0.

Could you please give me some guide? Thanks.

]]>