keyMaterial (sharedKey) Element

The keyMaterial (sharedKey) element contains a network key or passphrase. If the protected element has a value of TRUE, then this key material is encrypted; otherwise, the key material is unencrypted. Encrypted key material is expressed in hexadecimal form.

<xs:element name="keyMaterial"

The element is defined by the sharedKey element.


The range of valid values for the keyMaterial element varies by the type of authentication and encryption used, as specified by the authentication and encryption elements. It also varies by keyType.

The following table shows valid keyMaterial values for some authentication and encryption pairs.

authentication value encryption value keyType value Valid keyMaterial values
open or shared WEP networkKey This element contains a WEP key of 5 or 13 ANSI characters, or of 10 or 26 hexadecimal characters.
WPAPSK or WPA2PSK TKIP or AES passPhrase This element contains a passphrase of 8 to 63 ASCII characters, that is, 8 to 63 ANSI characters in the range of 32 to 126. Key values must comply with the requirements specified by 802.11i.
WPAPSK or WPA2PSK TKIP or AES networkKey This element contains a key of 64 hexadecimal characters.


Unicode characters may be entered where ANSI or ASCII characters are specified above. However, if the supplied Unicode characters cannot be mapped to ANSI or ASCII characters, then the supplied key material is rejected.

Key material returned by WlanGetProfile is always encrypted. Also, if unencrypted key material is passed to WlanSetProfile, the key material is automatically encrypted before it is stored in the profile store.

Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: The key material is never encrypted.

If your process runs in the context of the LocalSystem account, then you can unencrypt key material by calling CryptUnprotectData.


To view sample profiles that use the keyMaterial element, see Non-Broadcast Profile Sample, WPA-Personal Profile Sample, and WPA2-Personal Profile Sample.


Requirement Value
Minimum supported client
Windows Vista, Windows XP with SP3 [desktop apps only]
Minimum supported server
Windows Server 2008 [desktop apps only]
Wireless LAN API for Windows XP with SP2

See also

Definition context of element in schema


Possible immediate parent element in schema instance

sharedKey (security)