It looks like the current implementations in Chrome (95) and Safari (15) add 16 bytes of padding to already 16-byte aligned blocks prior to encryption (and expect the same when decrypting), and it appears to be correct according to the W
1707.03473] Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves
java - Bouncy Castle PKCS7 padding - Stack Overflow
C 501: Padding Oracle Attack (20 pts + 50 extra)
An Overview of Cryptography
The Bouncy Castle FIPS Java API, PDF, Cyberwarfare
Javascript AES-CBC: PKCS7 Padding broken for 16 bytes long blocks (and multiples) · Issue #5 · aleaxit/slowaes · GitHub
Symmetric Encryption: Two Sides, One Key
encryption - how to implement AES 128bit with CBC (with 32bit IV and key)in java? - Stack Overflow
CBC Padding Oracle Attack
How does the CBC Padding Oracle Attack work in General? - Cryptography Stack Exchange
ValueError: Error 3 while encrypting in ECB mode · Issue #10 · Legrandin/pycryptodome · GitHub