diff --git a/lib/jose/jwe/enc/aescbc.c b/lib/jose/jwe/enc/aescbc.c
index a08dc82ac..9cd517948 100644
--- a/lib/jose/jwe/enc/aescbc.c
+++ b/lib/jose/jwe/enc/aescbc.c
@@ -154,7 +154,7 @@ lws_jwe_encrypt_cbc_hs(struct lws_jwe *jwe, uint8_t *cek,
 
 int
 lws_jwe_auth_and_decrypt_cbc_hs(struct lws_jwe *jwe, uint8_t *enc_cek,
-					uint8_t *aad, int aad_len)
+				uint8_t *aad, int aad_len)
 {
 	int n, hlen = lws_genhmac_size(jwe->jose.enc_alg->hmac_type);
 	uint8_t digest[LWS_GENHASH_LARGEST];
diff --git a/lib/jose/jwe/jwe-rsa-aescbc.c b/lib/jose/jwe/jwe-rsa-aescbc.c
index 76be23206..a46df34be 100644
--- a/lib/jose/jwe/jwe-rsa-aescbc.c
+++ b/lib/jose/jwe/jwe-rsa-aescbc.c
@@ -178,5 +178,12 @@ lws_jwe_auth_and_decrypt_rsa_aes_cbc_hs(struct lws_jwe *jwe)
 		return -1;
 	}
 
+	/* strip padding */
+
+	n = jwe->jws.map.buf[LJWE_CTXT][jwe->jws.map.len[LJWE_CTXT] - 1];
+	if (n > 16)
+		return -1;
+	jwe->jws.map.len[LJWE_CTXT] -= n;
+
 	return jwe->jws.map.len[LJWE_CTXT];
 }
diff --git a/lib/jose/jwe/jwe-rsa-aesgcm.c b/lib/jose/jwe/jwe-rsa-aesgcm.c
index 8ac0ff3a9..aa9f64174 100644
--- a/lib/jose/jwe/jwe-rsa-aesgcm.c
+++ b/lib/jose/jwe/jwe-rsa-aesgcm.c
@@ -170,5 +170,12 @@ lws_jwe_auth_and_decrypt_rsa_aes_gcm(struct lws_jwe *jwe)
 		return -1;
 	}
 
+	/* strip padding */
+
+	n = jwe->jws.map.buf[LJWE_CTXT][jwe->jws.map.len[LJWE_CTXT] - 1];
+	if (n > 16)
+		return -1;
+	jwe->jws.map.len[LJWE_CTXT] -= n;
+
 	return jwe->jws.map.len[LJWE_CTXT];
 }