server
response
1.genarate a random AES key2.encrypt this AES key with server RSA public key3.encrypt requestUrl /requestHeader/requestBody with AES key4. send the encrypted AES key to server with the request
5.decrypt AES key with server RSA private key6.decrypt requestUrl /requestHeader/requestBody with AES key7.genarate a random AES key8.encrypt this AES key with client RSA public key9.encrypt responseBody with AES key10. send the encrypted AES key response to client with the request
11. decrypt AES key with client RSA private key12.decrypt responseBody with AES key
client(APP/h5)
request
