What is the key object that needs to be accepted by this function?
An array of bytes.
how would you get that from a user's random length password?
The usual practice is using Password-Based Key Derivation Functions (PBKDF) like PBKDF2, Bcrypt, Argon2, BalloonHash, etc. Keep in mind that they cannot increase the strength of the input. Therefore, a user must choose a good password with enough strength like a password generated with dicewire method.
In some applications like disk encryption, a uniform random key is generated for the disk encryption and this is encrypted from the key derived from the user's passwords. Still, the security depends on the quality of the password.
Also, the key material can be the source of a key exchange like DHKE, in this case a Key Derivation Function like HKDF must be applied to key material to derive AES key (bytes).
Would PKCS7 have already been run so that the key is padded?
No way, that is not secure. If you are designing a library, reject the user's (programmers') input if it is shorter than the target key size.
is this showing that the user's actual entered key is part of the key schedule or are all keys in the schedule derived from the user's actual raw input key?
The user's password should be processed with a PBKDF to derive the key. The key schedule needs a key array with size depending on the preferred AES (128,192,256). The key schedule doesn't distinguish the quality of the key material and it is not part of its design. The responsibility of the quality of the key material is on the user and libraries. The libraries that encrypt should have handled the passwords with a good PBKDF and entered the output into the key schedule. This process must be independent of the user - except for some warning about the quality of the password.
All in one;
- Get a password from the user and warn the user if the password is short.
- derive the desired key byte-array from the password with a PBKDF
- Supply the key schedule with the derived key byte-array.