- key and iv should be stored
- iv should not be random
- use base64 to share/decrypt the encrypted value
- if the key is a sha256 in the database, in the java should be the same
- review UNHEX
SET block_encryption_mode = 'aes-256-cbc';
SET @key_str = UNHEX(SHA2('RwcmlVpg',256));
SET @iv = '4e5Wa71fYoT7MFEX';
SET @ciphertext = AES_ENCRYPT('Hello chicho', @key_str, @iv);
select TO_BASE64(@ciphertext);
output
mysql> SET block_encryption_mode = 'aes-256-cbc';
Query OK, 0 rows affected (0.00 sec)
mysql> SET @key_str = UNHEX(SHA2('RwcmlVpg',256));
Query OK, 0 rows affected (0.00 sec)
mysql> SET @iv = '4e5Wa71fYoT7MFEX';
Query OK, 0 rows affected (0.00 sec)
mysql> SET @ciphertext = AES_ENCRYPT('Hello chicho', @key_str, @iv);
Query OK, 0 rows affected (0.01 sec)
mysql> select TO_BASE64(@ciphertext);
+--------------------------+
| TO_BASE64(@ciphertext) |
+--------------------------+
| xmOHJsn6UV1DfYe0IBZ9Og== |
+--------------------------+
1 row in set (0.00 sec)
mysql> SELECT AES_DECRYPT(@ciphertext, @key_str, @iv);
+-----------------------------------------+
| AES_DECRYPT(@ciphertext, @key_str, @iv) |
+-----------------------------------------+
| Hello chicho |
+-----------------------------------------+
1 row in set (0.02 sec)
java AESUtil xmOHJsn6UV1DfYe0IBZ9Og==
output
hello chicho