EncryptedData Class


Represents the <EncryptedData> element in XML encryption. This class cannot be inherited.

Namespace:   System.Security.Cryptography.Xml
Assembly:  System.Security (in System.Security.dll)


[HostProtectionAttribute(SecurityAction.LinkDemand, MayLeakOnAbort = true)]
public sealed class EncryptedData : EncryptedType


Initializes a new instance of the EncryptedData class.


Gets or sets the CipherData value for an instance of an EncryptedType class.(Inherited from EncryptedType.)


Gets or sets the Encoding attribute of an EncryptedType instance in XML encryption.(Inherited from EncryptedType.)


Gets or sets the <EncryptionMethod> element for XML encryption.(Inherited from EncryptedType.)


Gets or sets the <EncryptionProperties> element in XML encryption.(Inherited from EncryptedType.)


Gets or sets the Id attribute of an EncryptedType instance in XML encryption.(Inherited from EncryptedType.)


Gets of sets the <KeyInfo> element in XML encryption.(Inherited from EncryptedType.)


Gets or sets the MimeType attribute of an EncryptedType instance in XML encryption.(Inherited from EncryptedType.)


Gets or sets the Type attribute of an EncryptedType instance in XML encryption.(Inherited from EncryptedType.)


Adds an <EncryptionProperty> child element to the <EncryptedProperties> element in the current EncryptedType object in XML encryption.(Inherited from EncryptedType.)


Determines whether the specified object is equal to the current object.(Inherited from Object.)


Serves as the default hash function. (Inherited from Object.)


Gets the Type of the current instance.(Inherited from Object.)


Returns the XML representation of the EncryptedData object.(Overrides EncryptedType.GetXml().)


Loads XML information into the <EncryptedData> element in XML encryption.(Overrides EncryptedType.LoadXml(XmlElement).)


Returns a string that represents the current object.(Inherited from Object.)

This class is used to represent the <EncryptedData> element in XML encryption. This element is the core element in XML encryption. Its child element, <CipherData>, contains encrypted data. The <EncryptedData> element replaces an encrypted element or serves as the new document root.

The following example demonstrates how to encrypt and decrypt an XML element by using the EncryptedData class. This example then displays various properties of the EncryptedData class to the console.

using System;
using System.Xml;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;

class Program
	static void Main(string[] args)

		// Create an XmlDocument object.
		XmlDocument xmlDoc = new XmlDocument();

		// Load an XML file into the XmlDocument object.
			xmlDoc.PreserveWhitespace = true;
		catch (Exception e)

		// Create a new RSA key.  This key will encrypt a symmetric key,
		// which will then be imbedded in the XML document.  
		RSA rsaKey = new RSACryptoServiceProvider();

			// Encrypt the "creditcard" element.
			Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey");

			// Inspect the EncryptedKey element.

			// Decrypt the "creditcard" element.
			Decrypt(xmlDoc, rsaKey, "rsaKey");

		catch (Exception e)
			// Clear the RSA key.


	public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, string KeyName)
		// Check the arguments.  
		if (Doc == null)
			throw new ArgumentNullException("Doc");
		if (ElementToEncrypt == null)
			throw new ArgumentNullException("ElementToEncrypt");
		if (Alg == null)
			throw new ArgumentNullException("Alg");

		// Find the specified element in the XmlDocument
		// object and create a new XmlElemnt object.

		XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement;

		// Throw an XmlException if the element was not found.
		if (elementToEncrypt == null)
			throw new XmlException("The specified element was not found");


		// Create a new instance of the EncryptedXml class 
		// and use it to encrypt the XmlElement with the 
		// a new random symmetric key.

		// Create a 256 bit Rijndael key.
		RijndaelManaged sessionKey = new RijndaelManaged();
		sessionKey.KeySize = 256;

		EncryptedXml eXml = new EncryptedXml();

		byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, sessionKey, false);

		// Construct an EncryptedData object and populate
		// it with the desired encryption information.

		EncryptedData edElement = new EncryptedData();
		edElement.Type = EncryptedXml.XmlEncElementUrl;

		// Create an EncryptionMethod element so that the 
		// receiver knows which algorithm to use for decryption.

		edElement.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

		// Encrypt the session key and add it to an EncryptedKey element.
		EncryptedKey ek = new EncryptedKey();

		byte[] encryptedKey = EncryptedXml.EncryptKey(sessionKey.Key, Alg, false);

		ek.CipherData = new CipherData(encryptedKey);

		ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);

		// Set the KeyInfo element to specify the
		// name of the RSA key.

		// Create a new KeyInfo element.
		edElement.KeyInfo = new KeyInfo();

		// Create a new KeyInfoName element.
		KeyInfoName kin = new KeyInfoName();

		// Specify a name for the key.
		kin.Value = KeyName;

		// Add the KeyInfoName element to the 
		// EncryptedKey object.

		// Add the encrypted key to the 
		// EncryptedData object.

		edElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek));

		// Add the encrypted element data to the 
		// EncryptedData object.
		edElement.CipherData.CipherValue = encryptedElement;

		// Replace the element from the original XmlDocument
		// object with the EncryptedData element.

		EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false);


	public static void Decrypt(XmlDocument Doc, RSA Alg, string KeyName)
		// Check the arguments.  
		if (Doc == null)
			throw new ArgumentNullException("Doc");
		if (Alg == null)
			throw new ArgumentNullException("Alg");
		if (KeyName == null)
			throw new ArgumentNullException("KeyName");

		// Create a new EncryptedXml object.
		EncryptedXml exml = new EncryptedXml(Doc);

		// Add a key-name mapping.
		// This method can only decrypt documents
		// that present the specified key name.
		exml.AddKeyNameMapping(KeyName, Alg);

		// Decrypt the element.


	static void InspectElement(XmlDocument Doc)
		// Get the EncryptedData element from the XMLDocument object.
		XmlElement encryptedData = Doc.GetElementsByTagName("EncryptedData")[0] as XmlElement;

		// Create a new EncryptedData object.
		EncryptedData encData = new EncryptedData();

		// Load the XML from the document to
		// initialize the EncryptedData object.

		// Display the properties.
		// Most values are Null by default.

		Console.WriteLine("EncryptedData.CipherData: " + encData.CipherData.GetXml().InnerXml);
		Console.WriteLine("EncryptedData.Encoding: " + encData.Encoding);
		Console.WriteLine("EncryptedData.EncryptionMethod: " + encData.EncryptionMethod.GetXml().InnerXml);
		if (encData.EncryptionProperties.Count >= 1)
			Console.WriteLine("EncryptedData.EncryptionProperties: " + encData.EncryptionProperties[0].GetXml().InnerXml);

		Console.WriteLine("EncryptedData.Id: " + encData.Id);
		Console.WriteLine("EncryptedData.KeyInfo: " + encData.KeyInfo.GetXml().InnerXml);
		Console.WriteLine("EncryptedData.MimeType: " + encData.MimeType);


.NET Framework
Available since 2.0

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top