From 51f3d111962d7a105cf917844ab4f593a03ceab2 Mon Sep 17 00:00:00 2001
From: Hivert Quentin
Date: Mon, 16 Jun 2025 17:04:29 +0200
Subject: [PATCH] pws fix
---
 SoObjects/SOGo/SOGoSession.m | 33 ++++++++++++++++++++++++---
 SoObjects/SOGo/SOGoWebAuthenticator.m | 2 +-
 2 files changed, 31 insertions(+), 4 deletions(-)
diff --git a/SoObjects/SOGo/SOGoSession.m b/SoObjects/SOGo/SOGoSession.m
index 859fea8cd..55eaf8d86 100644
--- a/SoObjects/SOGo/SOGoSession.m
+++ b/SoObjects/SOGo/SOGoSession.m
@@ -162,11 +162,25 @@
 // Get the key length and its bytes
 data = [theKey dataByDecodingBase64];
- key = (char *)[data bytes];
 klen = [data length];
+ // if (klen < [theValue length])
+ // [self errorWithFormat: @"Value to be secured is too big (%i > %i) -- secured value will be corrupted", [theValue length], klen, [theKey length]];
+
+ //value longer than the key, concatenate the key with itself until long enough
 if (klen < [theValue length])
- [self errorWithFormat: @"Value to be secured is too big (%i > %i) -- secured value will be corrupted", [theValue length], klen, [theKey length]];
+ {
+ NSMutableData *concatenatedData = [NSMutableData data];
+ int j;
+ int nbDuplication = [theValue length]/klen;
+ for(j=0; j>nbDuplication; j++)
+ [concatenatedData appendData:data];
+
+ data = [NSData dataWithData: concatenatedData];
+ klen = [data length];
+ }
+
+ key = (char *)[data bytes];
 // Get the key - padding it with 0 with key length
 pass = (char *) calloc(klen, sizeof(char));
@@ -201,7 +215,6 @@
 // Get the key length and its bytes
 dataKey = [theKey dataByDecodingBase64];
- key = (char *)[dataKey bytes];
 klen = [dataKey length];
 // Get the secured value length and its bytes
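Review bot: In the first hunk the new loop `for(j=0; j>nbDuplication; j++)` never runs as written: the branch is entered only when klen < [theValue length], so nbDuplication is at least 1, concatenatedData stays empty and klen becomes 0 before the calloc below. The condition should be `j <= nbDuplication` (or a rounded-up count with `j <`) so that the repeated key covers the whole value; the same loop is copied into the third hunk. `[theValue length]/klen` also divides by zero when the key decodes to an empty buffer, so a `klen == 0` check belongs before it. If the key is combined with the value byte by byte, as the surrounding comments suggest, repeating it reuses the same key bytes inside one value and weakens the masking; issuing a key at least as long as the longest accepted value, or rejecting longer values, avoids that. The enclosing method starts and ends outside the hunk.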
@@ -209,6 +222,20 @@
 value = (char *)[dataValue bytes];
 vlen = [dataValue length];
+ //If the key is shorer than the value, duplicate it with itself.
+ if(klen < vlen)
+ {
+ NSMutableData *concatenatedData = [NSMutableData data];
+ int j;
+ int nbDuplication = [theValue length]/klen;
+ for(j=0; j>nbDuplication; j++)
+ [concatenatedData appendData:data];
+
+ dataKey = [NSData dataWithData: concatenatedData];
+ klen = [data length];
+ }
+ key = (char *)[dataKey bytes];
+
 // Target buffer
 buf = (char *) calloc(klen, sizeof(char));
diff --git a/SoObjects/SOGo/SOGoWebAuthenticator.m b/SoObjects/SOGo/SOGoWebAuthenticator.m
index 84929f8d0..38f376d14 100644
--- a/SoObjects/SOGo/SOGoWebAuthenticator.m
+++ b/SoObjects/SOGo/SOGoWebAuthenticator.m
@@ -53,7 +53,7 @@
 about the same. The length is prior to bas64 encoding, so we must calculate a 33-36% increase. */
-#define COOKIE_USERKEY_LEN 2096
+#define COOKIE_USERKEY_LEN 2048
 @implementation SOGoWebAuthenticator
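Review bot: The duplicated block in the decode path still refers to `data` and `[theValue length]`, while the locals visible in this hunk are `dataKey`, `dataValue` and `vlen`. Unless `data` is declared outside the hunk this does not compile, and if it is declared, `appendData:data` and `klen = [data length]` read the wrong buffer. The copy count should come from `vlen`, the decoded length, and the loop condition `j>nbDuplication` is false on entry, so nothing is appended and klen ends up 0 before the calloc of the target buffer. The rewrite below uses `dataKey` throughout, rounds the count up and skips the branch for an empty key. The enclosing method starts and ends outside the hunk.

```objc
  if (klen > 0 && klen < vlen)
    {
      // … unchanged: concatenatedData and j declarations …
      // ceil(vlen / klen) copies, so the repeated key covers the whole value
      int nbDuplication = (vlen + klen - 1) / klen;
      for (j = 0; j < nbDuplication; j++)
        [concatenatedData appendData: dataKey];

      dataKey = [NSData dataWithData: concatenatedData];
      klen = [dataKey length];
    }
```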
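Review bot: Neither the comment above `COOKIE_USERKEY_LEN` nor the commit message says why 2048 replaces 2096. This length presumably also decides when the key-repetition branch added in SOGoSession.m is taken. A line in the comment such as `2048 bytes -> 2732 base64 characters` would make the cookie-size budget explicit for the next change. The comment begins outside the hunk.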