From 278991912e9bd49f672c02d599161f3aa163d806 Mon Sep 17 00:00:00 2001
From: bpmcdevitt <brendan@mcdevitt.tech>
Date: Wed, 28 Sep 2022 23:59:42 -0500
Subject: [PATCH] begin adding some cpe lookup stuff so we can just include
 that in our output

---
 .../mozilla_security_advisory_scraper.rb      | 23 ++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/tools/mozilla/security_advisory_scraper/mozilla_security_advisory_scraper.rb b/tools/mozilla/security_advisory_scraper/mozilla_security_advisory_scraper.rb
index f33be2b..b7258f8 100644
--- a/tools/mozilla/security_advisory_scraper/mozilla_security_advisory_scraper.rb
+++ b/tools/mozilla/security_advisory_scraper/mozilla_security_advisory_scraper.rb
@@ -129,7 +129,28 @@ class MozillaSecurityAdvisoryScraper
     File.write("./data/#{advisory_hash[:advisory_id]}.json", pretty_json)
   end
 
-  def product_name_version_to_cpe(product_name, product_version)
+  def cve_cpes_from_nvd(cve_id)
+    body = get("https://services.nvd.nist.gov/rest/json/cpematch/2.0?cveId=#{cve_id}")
+    json = JSON.parse(body)
+    cpes = json.dig('matchStrings').map {|match_strings| match_strings.dig('matches')}
+  end
+
+  def product_name_to_cpe
+    # todo: record cpe translation
+    {
+      'Thunderbird': 'cpe:2.3:a:mozilla:thunderbird',
+      'Firefox': 'cpe:2.3:a:mozilla:firefox',
+      'Firefox ESR': 'cpe:2.3:a:mozilla:firefox_esr',
+      'NSS': 'cpe:2.3:a:mozilla:nss',
+      'Mozilla VPN': 'cpe:2.3:a:mozilla:mozilla_vpn',
+      'Firefox for Android': '',
+      'Firefox for iOS': '',
+      'Mozilla VPN Android': '',
+      'Mozilla VPN iOS': '',
+      'Mozilla VPN Windows': '',
+      'Thunderbird ESR': '',
+      'SeaMonkey': ''
+    }
   end
 
 end