AES encrypt/decrypt Key Parsing
Guest (#1) - 06-04-2007, 07:51 AM

I am trying to understand how MySQL converts the "key_str" (AES
password) argument in functions "AES_ENCRYPT(str,key_str)" or
"AES_DECRYPT(crypt_str,key_str)" if the length of the "key_str"
characters is > 16 characters. I am trying to write parallel Java AES
functions that work exactly as the MySQL AES functions.

From my tests, I've concluded that MySQL first converts the "key_str"
to bytes and then uses those bytes for AES ciphering. If the size of
the converted bytes is < 16 bytes (32 hex chars or 128 bits), the
converted bytes value is padded with 0x00 (2 zeros in hex) until 128
bits are reached. For example, if you supply value "password" to the
AES functions, the text "password" is converted to bytes and padded
until 128 bits (32 characters) are reached and is thus (in hexadecimal
format): "70617373776f72640000000000000000". The hex value of
"password" is "70617373776f7264" and the "0000000000000000" was added
as padding to achieve a 128-bit value before the AES ciphering takes
place.

So, what does MySQL do with "key_str" values > 16 characters long?
This is where I'm stumped. I'm very inexperienced with hex/binary
data and Java functions, so any help is necessary. I'll attempt to
read the MySQL source now, but I'm a beginner at C code (assumed) too.

   

Re: AES encrypt/decrypt Key Parsing
Axel Schwenke (#2) - 06-04-2007, 07:51 AM

EMAIL REMOVED wrote:

> I am trying to understand how MySQL converts the "key_str" (AES
> password) argument in functions "AES_ENCRYPT(str,key_str)" or
> "AES_DECRYPT(crypt_str,key_str)" if the length of the "key_str"
> characters is > 16 characters.


"use the source, Luke!"

from $MYSQL_SOURCE/mysys/my_aes.c:

    static int my_aes_create_key(KEYINSTANCE *aes_key,
                                 enum encrypt_dir direction, const char *key,
                                 int key_length)
    {
      uint8 rkey[AES_KEY_LENGTH/8];          /* The real key to be used for encryption */
      uint8 *rkey_end=rkey+AES_KEY_LENGTH/8; /* Real key boundary */
      uint8 *ptr;                            /* Start of the real key*/
      const char *sptr;                      /* Start of the working key */
      const char *key_end=key+key_length;    /* Working key boundary*/

      bzero((char*) rkey,AES_KEY_LENGTH/8);  /* Set initial key */

      for (ptr= rkey, sptr= key; sptr < key_end; ptr++, sptr++)
      {
        if (ptr == rkey_end)
          ptr= rkey;  /* Just loop over tmp_key until we used all key */
        *ptr^= (uint8) *sptr;
      }
    ....


1. the AES key is initialized with all zeros

2. the AES key is XORed with the given key; if there are more bytes in
the key than in the AES key, it starts over at the beginning of the
AES key until all key material is used


XL
--
Axel Schwenke, Support Engineer, MySQL AB

Online User Manual: http://dev.mysql.com/doc/refman/5.0/en/
MySQL User Forums: http://forums.mysql.com/
   
Re: AES encrypt/decrypt Key Parsing
Zoned (#3) - 06-04-2007, 07:51 AM

Axel:

Thanks! I actually read the source last night and figured it out
(after a long while because I don't know C). As you mentioned, the
final key is looped over and the byte value is incremented with the ^=
operator.

Here's the final Java function I wrote, for obtaining an AES key as
MySQL does:


    private byte[] getAESKey(String s)
    {
        char[] sourceKey = s.toCharArray();

        // The final, 128-bit key to be used for encryption; convert to bytes
        byte[] finalKey = new byte[128/8];

        // initialize values for final key (accommodates padding)
        for (int i=0;i<finalKey.length;i++)
        {
            finalKey[i] = 0x00;
        }

        // XOR each source character into the final key, wrapping around
        // to position 0 after every 16 bytes
        for (int k=0, r=0; k<sourceKey.length; k++, r++)
        {
            if (r == finalKey.length)
                r = 0; // reset location of final key to 0
            finalKey[r] ^= (byte)sourceKey[k];
        }
        return finalKey;
    }



Thanks again for your help and quick reply.
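
The folding step from my_aes.c quoted in this thread, and the Java port of it, written as a stand-alone C program and run on four key strings (an added example, not code from the thread or from MySQL). The names `fold_key` and `folded_hex` and the sample key strings are constructed for illustration; the 16-byte key size follows the 128-bit key the posts describe.

```c
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* 128-bit key, as in the posts above (AES_KEY_LENGTH/8 in the quoted source). */
#define AES_KEY_BYTES 16

/* Fold key[0..key_len) into a 16-byte AES key: start from all zeros and XOR
   input byte i into position (i mod 16). Same result as the quoted loop. */
static void fold_key(const unsigned char *key, size_t key_len,
                     uint8_t rkey[AES_KEY_BYTES])
{
    memset(rkey, 0, AES_KEY_BYTES);
    for (size_t i = 0; i < key_len; i++)
        rkey[i % AES_KEY_BYTES] ^= key[i];
}

/* Hex form of the folded key for a NUL-terminated key string.
   Returns a static buffer that the next call overwrites. */
static const char *folded_hex(const char *key_str)
{
    static char hex[2 * AES_KEY_BYTES + 1];
    uint8_t rkey[AES_KEY_BYTES];

    fold_key((const unsigned char *)key_str, strlen(key_str), rkey);
    for (int i = 0; i < AES_KEY_BYTES; i++)
        sprintf(hex + 2 * i, "%02x", (unsigned)rkey[i]);
    return hex;
}

int main(void)
{
    /* Constructed sample key strings, not taken from any real system. */
    const char *samples[] = {
        "password",                         /* 8 bytes: zero padded to 16 */
        "0123456789abcdef",                 /* 16 bytes: used unchanged */
        "0123456789abcdefX",                /* 17 bytes: 'X' wraps onto byte 0 */
        "0123456789abcdef0123456789abcdef", /* identical halves cancel out */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-34s -> %s\n", samples[i], folded_hex(samples[i]));
    return 0;
}
```

The last sample folds to an all-zero key, so the fold is not a key derivation function: distinct key strings can produce the same AES key. A random 16-byte key passes through the fold unchanged.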

   