So I need to send an AES key to multiple clients with their own EC public keys, I can't use a DH exchange as the key needs to be sent to all clients. How can I encrypt a pregenrated AES key and encrypt it with an EC public key?
EC: elliptical curve
So I need to send an AES key to multiple clients with their own EC public keys, I can't use a DH exchange as the key needs to be sent to all clients. How can I encrypt a pregenrated AES key and encrypt it with an EC public key?
EC: elliptical curve
You can use ECIES. It uses ephemeral-static Diffie-Hellman to create a random, shared symmetric key (tied to the private key of the receiver of course), which you can use to encrypt data or indeed wrap another key.
Make sure you protect your data in transit though, you may want to use authenticated encryption such as AES-GCM to make sure that the key cannot be altered or retrieved through padding oracle attacks.
For this you can use the Bouncy Castle (lightweight) API's, although you may have to alter the current implementation to use AES-GCM.