The document below teaches you how to decrypt password protected Open Document Format (ODF) files using Java.1
In particular, this works around an issue with the standard Java
crypto library's PBEKeySpec, which requires a UTF-8 encoded
char[]-based password. Alas, ODF documents are encrypted
by digesting the user-entered password with SHA1, which produces an
arbitrary binary password, therefore making it impossible to use only
the standard Java crypto library for this process.
Our document provides a version of Matthias
Gärtner's PBKDF2 class and all remaining knowledge for
decrypting ODF documents. Thanks also go to Steven Elliot for an excellent analysis of the
processes and caveats involved, not to mention his oodecr
software.
| Description: | How to decrypt password protected Open Document Format (ODF) files (such as used by OpenOffice.org) using Java. |
| Documentation: | Decrypting ODF Files.odt (27.0KiB) Decrypting ODF Files.pdf (113.1KiB) |
If you have lost your password for an encrypted document, there is virtually nothing that you can do to recover it: OpenDocument uses a 128-bit cryptographic cipher (Blowfish, designed by security expert Bruce Schneier) which, as of the time of this writing, has remained unbroken and secure. This is not secret decoder ring junk, but serious crypto, the kind that, on average, requires thousands of years of time on super-computers to break.
That said, you have two options, and only the first is likely to be of any real value:
If you do want to give #1 a try (and why not, you have no other option), then you might find our ODFind tool useful: Its purpose is to search for text in OpenDocument files; when it encounters an encrypted document, it will prompt you for a password (over and over again if you don't give it one that works). Nothing can magically recover an encrypted document for you, but at least ODFind makes it as easy/fast as possible to type passwords over and over again as you try a bunch of them.
Of interest to programmers might be also the Apache ODF Toolkit. It doesn't decrypt anything, but does provide for a means to get at the meta-data for a document (and everything else, too). If you don't want to roll your own XML parsing to retrieve the salt, initialization vector, etc. for an encrypted document, then have a look at the Apache Foundation's ODF Toolkit!
__________All content is copyright © Ringlord Technologies unless otherwise stated. We do encourage deep linking to our site's pages but forbid direct reference to images, software or other non-pages stored here; likewise, do not embed our content in frames or other constructs that may mislead the reader about the content ownership. Play nice, yes?