EncryptedData.SetSecret method

[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Instead, use Platform Invocation Services (PInvoke) to call the Win32 API functions CryptEncryptMessage and CryptDecryptMessage to encrypt and decrypt messages. For information about PInvoke, see Platform Invoke Tutorial. The .NET and CryptoAPI via P/Invoke: Part 1 and .NET and CryptoAPI via P/Invoke: Part 2 subsections of Extending .NET Cryptography with CAPICOM and P/Invoke may also be helpful.]

The SetSecret method sets the value of the secret used to derive the cryptographic session key used to encrypt and decrypt data.


EncryptedData.SetSecret( _
  ByVal newVal, _
  [ ByVal SecretType ] _


newVal [in]

A string that contains a secret used to create a session cryptographic key.

SecretType [in, optional]

A value of the CAPICOM_SECRET_TYPE enumeration that indicates the kind of secret used to generate the session key. The default value is CAPICOM_SECRET_PASSWORD. This parameter can be the following value.


The encryption key is to be derived from a password.


Return value

This method does not return a value.


The secret is used to create the session key for encryption or decryption. The same secret must be used for both operations. If the secret used to encrypt data is lost, the encrypted data cannot be decrypted.

If appropriate for your application, consider using CryptProtectMemory or CryptProtectData to protect the secret before and after use. Clear the memory associated with the secret when done.


End of client support

Windows Vista

End of server support

Windows Server 2008


CAPICOM 2.0 or later on Windows Server 2003 and Windows XP



See also

Cryptography Objects