I am implementing SSL on server side to authenticate the client
certificate(X.509) and also client will authenticate the servers
certificate(X.509). Once the mutual authentication has completed server has
to generate AES key for encryption and decryption.
In server side I am creating 256 bits AES key for encrypting the
plaintext using C programming using OpenSSL.
AES_KEY aeskey;
RAND_bytes(key32,sizeof(key32));
AES_set_encrypt_key(key32, 32*8, &aeskey);
AES_cbc_encrypt(inbuf, outbuf, 16, &aeskey, iv, AES_ENCRYPT);
I have to decrypt the same message in Client side. Client side I am
using JAVA Programming.
1. How i can send this AES key to JAVA client? or
2. How can derive common AES key on both side?
2. Can i use Password Based Encryption to derive the common keys for
both side(JAVA and C)?
Thanks,
Krish
