From d3634747d52cfa40e9bd6f4064e377fe1eec65ed Mon Sep 17 00:00:00 2001
From: smizrahi <seb.mizrahi@gmail.com>
Date: Wed, 23 Nov 2022 10:06:43 +0100
Subject: [PATCH] feat(password-recovery): Change secondary email obfuscation

---
 SoObjects/SOGo/SOGoUserManager.m | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/SoObjects/SOGo/SOGoUserManager.m b/SoObjects/SOGo/SOGoUserManager.m
index 77dcf1953..1a8ed6b93 100644
--- a/SoObjects/SOGo/SOGoUserManager.m
+++ b/SoObjects/SOGo/SOGoUserManager.m
@@ -1334,7 +1334,8 @@ static const NSString *kObfuscatedSecondaryEmailKey = @"obfuscatedSecondaryEmail
   SOGoSystemDefaults *sd;
   NSString *uid, *suffix;
   NSMutableString *obfuscatedSecondaryEmail;
-  NSInteger secondaryEmailLength = 0, obfuscatedSecondaryEmailLength = 0, i = 0;
+  NSInteger i, j;
+  NSRange range;
 
   userDefaults = nil;
   info = [self contactInfosForUserWithUIDorEmail: username];
@@ -1362,17 +1363,21 @@ static const NSString *kObfuscatedSecondaryEmailKey = @"obfuscatedSecondaryEmail
                           [userDefaults passwordRecoveryQuestion], kSecretQuestionKey, 
                           nil];
     } else if (nil != userDefaults && [[userDefaults passwordRecoveryMode] isEqualToString: SOGoPasswordRecoverySecondaryEmail]) {
-      secondaryEmailLength = [[userDefaults passwordRecoverySecondaryEmail] length];
-      // Obfuscate 80% of email. Compute nb character obfuscated
-      obfuscatedSecondaryEmailLength = (NSUInteger)(0.8 * secondaryEmailLength);
-      obfuscatedSecondaryEmail = [NSMutableString stringWithString: @"*"];
-      for (i = 1 ; i < secondaryEmailLength ; i++) {
-        if (i < obfuscatedSecondaryEmailLength
-            && ![[[userDefaults passwordRecoverySecondaryEmail] substringWithRange:NSMakeRange(i, 1)] isEqualToString: @"@"]) {
-          [obfuscatedSecondaryEmail appendString: @"*"];
-        } else {
-          [obfuscatedSecondaryEmail appendString: [[userDefaults passwordRecoverySecondaryEmail] substringWithRange:NSMakeRange(i, 1)]];
-        }
+      // Obfuscate email
+      obfuscatedSecondaryEmail = [userDefaults passwordRecoverySecondaryEmail];
+
+      range = [obfuscatedSecondaryEmail rangeOfString: @"@"];
+      if (range.location != NSNotFound) {
+          for (i = 1 ; i < (range.location - 1) ; i++) {
+              obfuscatedSecondaryEmail = [obfuscatedSecondaryEmail stringByReplacingCharactersInRange:NSMakeRange(i, 1) withString:@"*"];
+          }
+          i = range.location + 2;
+          range = [obfuscatedSecondaryEmail rangeOfString:@"." options:NSBackwardsSearch];
+          if (range.location != NSNotFound) {
+              for (j = i ; j < (range.location - 1) ; j++) {
+                  obfuscatedSecondaryEmail = [obfuscatedSecondaryEmail stringByReplacingCharactersInRange:NSMakeRange(j, 1) withString:@"*"];
+              }
+          }
       }
 
       data = [NSDictionary dictionaryWithObjectsAndKeys: [userDefaults passwordRecoveryMode], kModeKey, obfuscatedSecondaryEmail, kObfuscatedSecondaryEmailKey, nil];