Padding is added on the right normally, so consider rtrim()
:
$data = rtrim($decrypted, chr(0));
However this is still not yet perfectly safe because in PHP strings can contain NUL-bytes. If for some reason the plain did had NUL-bytes at the end, the rtrim
will remove the padding and those previous NUL-bytes.