From 02b333607971222849f39bcaeb8ee5a8e2a7074e Mon Sep 17 00:00:00 2001
From: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Date: Tue, 14 Jun 2022 17:13:52 -0400
Subject: Lowercase identities for comparison

When performing attestor identity comparisons, lowercase email addresses
and domain names for case-insensitive matching.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
---
 b4/__init__.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/b4/__init__.py b/b4/__init__.py
index c8189b1..00419be 100644
--- a/b4/__init__.py
+++ b/b4/__init__.py
@@ -1779,7 +1779,7 @@ class LoreAttestor:
         else:
             mode = self.mode
 
-        return '%s/%s' % (mode, self.identity)
+        return '%s/%s' % (mode, self.identity.lower())
 
     def check_time_drift(self, emldate, maxdays: int = 30) -> bool:
         if not self.passing or self.signtime is None:
@@ -1800,13 +1800,13 @@ class LoreAttestor:
             return False
 
         if self.level == 'domain':
-            if emlfrom.endswith('@' + self.identity):
+            if emlfrom.lower().endswith('@' + self.identity.lower()):
                 logger.debug('PASS : sig domain %s matches from identity %s', self.identity, emlfrom)
                 return True
             self.errors.append('signing domain %s does not match From: %s' % (self.identity, emlfrom))
             return False
 
-        if emlfrom == self.identity:
+        if emlfrom.lower() == self.identity.lower():
             logger.debug('PASS : sig identity %s matches from identity %s', self.identity, emlfrom)
             return True
         self.errors.append('signing identity %s does not match From: %s' % (self.identity, emlfrom))
-- 
cgit v1.2.3