EncryptedData object

[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Instead, use Platform Invocation Services (PInvoke) to call the Win32 API functions CryptEncryptMessage and CryptDecryptMessage to encrypt and decrypt messages. For information about PInvoke, see Platform Invoke Tutorial. The .NET and CryptoAPI via P/Invoke: Part 1 and .NET and CryptoAPI via P/Invoke: Part 2 subsections of Extending .NET Cryptography with CAPICOM and P/Invoke may also be helpful.]

The EncryptedData object provides properties and methods to encrypt and decrypt data using a session key derived from a secret.


CAPICOM does not support the PKCS #7 EncryptedData content type but uses a nonstandard ASN structure for EncryptedData. Therefore, only CAPICOM can decrypt a CAPICOM EncryptedData object.



The EncryptedData object has these types of members: methods and properties.


The EncryptedData object has these methods.

| Method | Description |
|--------|-------------|
| Decrypt | Decrypts encrypted content using the secret. |
| Encrypt | Encrypts the content using the current secret and encryption algorithm. |
| SetSecret | Sets the secret from which the encryption/decryption session key is derived. |



The EncryptedData object has these properties.

| Property | Access type | Description |
|----------|-------------|-------------|
| | | Algorithm used for encryption/decryption. |
| | | The content to be encrypted or decrypted. Setting this property must be done before the Encrypt method is called. When the value of this property is reset, directly or indirectly, the whole state of the object is reset, and any encrypted content in the object is lost. This is the default property. |



The EncryptedData object can be created, and it is safe for scripting. The ProgID for the EncryptedData object is CAPICOM.EncryptedData.1.
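
The call sequence implied by the methods and properties above, as an added VBScript example that is not part of the original page: set the content, set the secret, encrypt, then decrypt in a fresh object with the same secret. The sample secret and message are constructed, and the numeric enumeration values are assumptions written out because VBScript does not load the CAPICOM type library.

```vbscript
' Added example: EncryptedData round trip.
' CAPICOM is 32-bit only, so on 64-bit Windows run this with
' %SystemRoot%\SysWOW64\cscript.exe.
Option Explicit

' Assumed CAPICOM enumeration values; verify against the installed library.
Const CAPICOM_ENCRYPTION_ALGORITHM_AES = 4
Const CAPICOM_ENCRYPTION_KEY_LENGTH_256_BITS = 5

Const SAMPLE_SECRET = "constructed-sample-secret"   ' constructed value
Const SAMPLE_TEXT = "constructed sample message"    ' constructed value

Function EncryptText(plainText, secret)
    Dim ed
    Set ed = CreateObject("CAPICOM.EncryptedData")
    ' Content first: resetting it later resets the whole object state.
    ed.Content = plainText
    ed.SetSecret secret
    ed.Algorithm.Name = CAPICOM_ENCRYPTION_ALGORITHM_AES
    ed.Algorithm.KeyLength = CAPICOM_ENCRYPTION_KEY_LENGTH_256_BITS
    ' The result is CAPICOM's own structure, not PKCS #7 EncryptedData.
    EncryptText = ed.Encrypt()
End Function

' Returns True and fills plainText on success, False if Decrypt raised.
Function TryDecrypt(blob, secret, plainText)
    Dim ed
    Set ed = CreateObject("CAPICOM.EncryptedData")
    ed.SetSecret secret
    TryDecrypt = False
    On Error Resume Next
    ed.Decrypt blob
    If Err.Number = 0 Then
        plainText = ed.Content   ' Decrypt leaves the plaintext in Content
        TryDecrypt = True
    End If
    Err.Clear
    On Error GoTo 0
End Function

Dim blob, recovered
blob = EncryptText(SAMPLE_TEXT, SAMPLE_SECRET)

If TryDecrypt(blob, SAMPLE_SECRET, recovered) Then
    WScript.Echo "Same secret: " & recovered
End If
If Not TryDecrypt(blob, "a-different-secret", recovered) Then
    WScript.Echo "Different secret: Decrypt raised an error"
End If
```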


| Requirement | Value |
|-------------|-------|
| End of client support | Windows Vista |
| End of server support | Windows Server 2008 |
| | CAPICOM 2.0 or later on Windows Server 2003 and Windows XP |

See also

Cryptography Objects