
Windows Crypto API CryptEncrypt with the HashObject


I'm using the Windows API CryptEncrypt with CALG_AES_256. I want to use a password to encrypt. From what I understand:

 1. CryptAcquireContext
 2. CryptCreateHash (CALG_MD5)
 3. CryptHashData
 4. CryptDeriveKey
 5. CryptEncrypt

I need to decrypt with Node.js crypto. I used openssl enc to test, and Node.js decrypting was successful, but with the C code the message is different. How does Windows use the hash?


Solution

  • You should be using a password-hash function, not just a normal hash. A password-hash is salted and has a work-factor that makes it harder for an attacker to guess the password using a dictionary attack.

    Microsoft has created an implementation of PBKDF2 in the CNG framework. PBKDF2 is also contained in OpenSSL.
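
The Node.js side of the PBKDF2 approach recommended above, as an added example that is not code from the question or the answer. The blob layout (salt || iv || ciphertext), the iteration count, the digest and the function names are assumptions; the C side (for example CNG's BCryptDeriveKeyPBKDF2) has to use the same parameters and the same password bytes.

```javascript
// Added example: PBKDF2-derived AES-256 key, interoperable blob format (assumed layout).
const crypto = require('node:crypto');

const SALT_LEN = 16;        // assumed: random salt stored at the front of the blob
const IV_LEN = 16;          // AES block size
const KEY_LEN = 32;         // AES-256
const ITERATIONS = 600000;  // assumed work factor; must be identical on the C side
const DIGEST = 'sha256';    // PRF is HMAC-SHA-256; must be identical on the C side

// Both sides must feed PBKDF2 the same bytes: UTF-8 here, not UTF-16 WCHAR.
function deriveKey(password, salt) {
  return crypto.pbkdf2Sync(Buffer.from(password, 'utf8'), salt, ITERATIONS, KEY_LEN, DIGEST);
}

// Produces salt || iv || ciphertext (AES-256-CBC, PKCS#7 padding).
function sealBlob(password, plaintext) {
  const salt = crypto.randomBytes(SALT_LEN);
  const iv = crypto.randomBytes(IV_LEN);
  const cipher = crypto.createCipheriv('aes-256-cbc', deriveKey(password, salt), iv);
  return Buffer.concat([salt, iv, cipher.update(plaintext), cipher.final()]);
}

// Parses the blob, re-derives the key from the stored salt and decrypts.
function openBlob(password, blob) {
  const bodyLen = blob.length - SALT_LEN - IV_LEN;
  if (bodyLen < 16 || bodyLen % 16 !== 0) {
    throw new Error('blob is truncated or not block-aligned');
  }
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const body = blob.subarray(SALT_LEN + IV_LEN);
  const decipher = crypto.createDecipheriv('aes-256-cbc', deriveKey(password, salt), iv);
  return Buffer.concat([decipher.update(body), decipher.final()]);
}
```

CBC alone gives no integrity check: a wrong password usually fails at the padding step, but it can also return garbage without an error.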