0

I'm using Windows API CryptEncrypt with CALG_AES_256 I want to use a password to encrypt, from what I understand 

 1. CryptAcquireContext
 2. CryptCreateHash (CALG_MD5)
 3. CryptHashData
 4. CryptDeriveKey
 5. CryptEncrypt

I need to decrypt with nodejs crypto & I used openssl enc to test nodejs decrypting was successful but with C code the message is different How does windows use the hash ?

4

1 回答 1

0

您应该使用密码哈希函数,而不仅仅是普通哈希。密码哈希是加盐的,并且具有使攻击者更难使用字典攻击猜测密码的工作因素。

Microsoft在 CNG 框架中创建了 PBKDF2 的实现。PBKDF2 也包含在 OpenSSL 中

于 2015-06-02T08:25:30.280 回答