I am implementing SSL on server side to authenticate the client certificate(X.509) and also client will authenticate the servers certificate(X.509). Once the mutual authentication has completed server has to generate AES key for encryption and decryption.
In server side I am creating 256 bits AES key for encrypting the plaintext using C programming using OpenSSL. AES_KEY aeskey; RAND_bytes(key32,sizeof(key32)); AES_set_encrypt_key(key32, 32*8, &aeskey); AES_cbc_encrypt(inbuf, outbuf, 16, &aeskey, iv, AES_ENCRYPT); I have to decrypt the same message in Client side. Client side I am using JAVA Programming. 1. How i can send this AES key to JAVA client? or 2. How can derive common AES key on both side? 2. Can i use Password Based Encryption to derive the common keys for both side(JAVA and C)? Thanks, Krish