I have this code that I made so far but I don't know how to complete it$.$ I have to:

At the browser$/$client side:

$*$Validate the self$-$signed certificate

$*$Generate a random session key for AES

$*$Use RSA to encrypt the session key using the server$$s public key extracted from the certificate

$*$Send the encrypted session key to the server

At the server side:

$*$Use the server$$s private key to decrypt the ession key

$*$Print out $************$ Now both parties have the session key $***************$

$*$The server uses AES to encrypt a message saying $$Hello Browser$$

At the browser$/$client side:

$*$The Client received the encrypted message and check that it says $$Hello Browser$$

$*$The client uses AES to encrypt a message saying $$Hello Browser$123$

At the server side:

$*$The server decrypts the message and check that it says $$Hello Browser$123$

$*$Print out $**************$ Secure communicate can start now $******************$

The code:

from OpenSSL import crypto, SSL

from socket import gethostname

from pprint import pprint

from time import gmtime, mktime

CERT$\_$FILE $=$ "selfsigned.crt$"$

KEY$\_$FILE $=$ "private.key"

def create$\_$self$\_$signed$\_$cert$()$:

# create a key pair

k $=$ crypto.PKey$()$

k$.$generate$\_$key$($crypto$.$TYPE$\_$RSA, $1024)$

# create a self$-$signed cert

cert $=$ crypto.X$509()$

cert.get$\_$subject$().$C $="$UK$"$ #The country of the entity

cert.get$\_$subject$().$ST $=$ "Buckinghshire" #State Or Province Name

cert.get$\_$subject$().$L $=$ "Buckingham" #locality Name

cert.get$\_$subject$().$O $=$ "The University of Buckignham" #Organization Name

cert.get$\_$subject$().$OU $=$ "Computing School" #organizational Unit Name

cert.get$\_$subject$().$CN $=$ "Kiundae Tuzo" # commonName.. you could use gethostname$()$

cert.get$\_$subject$().$emailAddress$=$"hisham.al$-$assam@buckingham.ac$.$uk$"$

cert.set$\_$serial$\_$number$(1000)$

cert.gmtime$\_$adj$\_$notBefore$(0)$ #time before which the certificate is not valid

cert.gmtime$\_$adj$\_$notAfter$(10*365*24*60*60)$ #time after which the certificate is not validcert.set$\_$issuer$($cert$.$get$\_$subject$())$

cert.set$\_$pubkey$($k$)$

cert.sign$($k$,$ 'sha$1\text{'})$

open$($CERT$\_$FILE, $"$wb$").$write$($ crypto.dump$\_$certificate$($crypto$.$FILETYPE$\_$PEM, cert$))$

open$($KEY$\_$FILE, $"$wb$").$write$($crypto$.$dump$\_$privatekey$($crypto$.$FILETYPE$\_$PEM, k$))$

create$\_$self$\_$signed$\_$cert$()$