Make cbc_pad its own mode
Currently, #11825 fixed the CBC_PAD implementation for AES. However, it would be useful to make
cbc_pad its own mode (like cbc, ecb, etc) to allow other mechanisms (e.g. DES3 for those unfortunate enough to have to still use it) to also make use of it. Additionally we can improve the padding validation currently being done to be more resistant to timing and oracle attacks.