MbedTLS requires AES keys to have the exact block length in function
mbedtls_cipher_setkey(). The key passed to the dcaf
encryption/decryption functions therefore are filled with zero bytes
when to short, or truncated when too long.