Encrypt XSL


I'm looking for a solution to protect the xsl from our outsite vendors from seeing it. I'm creating a Java desktop application to do the transform works.

Is there a secure way to encrypt the xsl? I think the XSL can be compiled into a class. I wonder how secure it could be if somebody try to reverse engineer it to get to the source (or close to the original source).

I hope the experts in this field can provide some valuable insight.

I'm open to other suggestion as well. Thank you!


Who is Participating?
jkmyoungConnect With a Mentor Commented:
First thing that comes to mind is: Saxon 8 allows you to precompile stylesheets, making it not easily human readable. Also speeds up the process if you use the same xsl many times.

Alternatively, you could encrypt all your xsl files, and decrypt them in your java application before running the transformations.
owonseedAuthor Commented:
Saxon has limitation on the XSL compilation:

"Stylesheet compilation is not currently supported for schema-aware stylesheets, specifically, for stylesheets that contain an <xsl:import-schema> declaration."

This unfortunately does not allow me to use the Saxon XSL Compilation.

If I encrypt the XSL using java, and decrypt it when I need it, would the decrypted XSL be stored as memory or physical file in local temp folder? My concern is whether a user can look for the decrypted XSL file from the local file system.

- OwonSeed
Geert BormansConnect With a Mentor Information ArchitectCommented:
Hi owonseed,

unless you have a schema aware stylesheet (if you do you are basically bound to Saxon)
xsltc would be the first that comes to my mind
(this is java bytecode generated by xalan)

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.