class PhisherPhinder::MailParser::ReceivedHeaders::StarttlsParser

Public Instance Methods

parse(component) click to toggle source
# File lib/phisher_phinder/mail_parser/received_headers/starttls_parser.rb, line 7
def parse(component)
  return {starttls: nil} unless component

  patterns = [
    /\(version=(?<version>\S+)\scipher=(?<cipher>\S+)\sbits=(?<bits>\S+)\)/,
    /\(version=(?<version>\S+),\scipher=(?<cipher>\S+)\)/,
    /using\s(?<version>\S+)\swith cipher\s(?<cipher>\S+)\s\((?<bits>.+?) bits\)/
  ]

  matches = patterns.inject(nil) do |memo, pattern|
    memo || component.match(pattern)
  end

  {
    starttls: {
      version: matches[:version],
      cipher: matches[:cipher],
      bits: matches.names.include?('bits') ? matches[:bits] : nil,
    }
  }
end