Thanks, Brent. Your response identified the problem. I hadn't added the KeyInfo to each EncryptedData, but only once. So, as long as there was only one encrypted element, it worked but threw an exception if there were more. Works like a charm now.
Thanks again, Wolfgang > > 1) When encrypting, make sure to generate an EncryptedKey from the > symmetric data encryption key using the desired key encryption key. If > you're using asymmetric keys for key transport, then the latter would be > the public key half of the recipient's key pair. Then add the > EncryptedKey to *each* EncryptedData's KeyInfo. (There are other ways > to place and resolve EncryptedKey's but that's the default resolution > mechanism supported by the library). >
