# PKCS#7 The rules for PKCS padding are very simple: * Padding bytes are always added to the clear text before it is encrypted. * Each padding byte has a value equal to the total number of padding bytes that are added. For example, if 6 padding bytes must be added, each of those bytes will have the value 0x06. * The total number of padding bytes is at least one, and is the number that is required in order to bring the data length up to a multiple of the cipher algorithm block size. AES, for example, has a cipher block size of 16 bytes. The total number of padding bytes added to the clear text will always be between 1 and 16. | Value of clear text length | Number of bytes added | Value of each padding byte | | -------------------------- | --------------------- | -------------------------- | | 0 | 16 | 0x10 | | 1 | 15 | 0x0F | | 2 | 14 | 0x0E | | 3 | 13 | 0x0D | | 4 | 12 | 0x0C | | 5 | 11 | 0x0B | | 6 | 10 | 0x0A | | 7 | 9 | 0x09 | | 8 | 8 | 0x08 | | 9 | 7 | 0x07 | | 10 | 6 | 0x06 | | 11 | 5 | 0x05 | | 12 | 4 | 0x04 | | 13 | 3 | 0x03 | | 14 | 2 | 0x02 | | 15 | 1 | 0x01 | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.ctfrecipes.com/cryptography/general-knowledge/padding/pkcs-7.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.