From 42548a147ee0ad943778027a1abaa978ab027d1a Mon Sep 17 00:00:00 2001 From: Joakim Antman Date: Sun, 24 Aug 2025 12:47:06 +0300 Subject: [PATCH 1/4] Fix Style/RedundantRegexpEscape --- lib/jwe.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/jwe.rb b/lib/jwe.rb index 4134b31..afbcf08 100644 --- a/lib/jwe.rb +++ b/lib/jwe.rb @@ -75,7 +75,7 @@ def check_key(key) end def param_to_class_name(param) - klass = param.gsub(/[-\+]/, '_').downcase.sub(/^[a-z\d]*/) { $&.capitalize } + klass = param.gsub(/[-+]/, '_').downcase.sub(/^[a-z\d]*/) { $&.capitalize } klass.gsub(/_([a-z\d]*)/i) { Regexp.last_match(1).capitalize } end From 5225a79d40c2d3cb9254ce1e2e3dd2c9dc098368 Mon Sep 17 00:00:00 2001 From: Joakim Antman Date: Sun, 24 Aug 2025 12:50:21 +0300 Subject: [PATCH 2/4] Fix autocorrectable rubocop issues --- .rubocop_todo.yml | 28 ---------------------------- jwe.gemspec | 2 +- lib/jwe.rb | 2 +- lib/jwe/alg/aes_kw.rb | 7 ++----- lib/jwe/enc/aes_cbc_hs.rb | 8 ++------ lib/jwe/enc/aes_gcm.rb | 4 +--- 6 files changed, 7 insertions(+), 44 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 9d2d4ad..bcd0b7a 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -23,31 +23,3 @@ Naming/MethodParameterName: - 'lib/jwe/enc/aes_gcm.rb' - 'lib/jwe/serialization/compact.rb' -# Offense count: 8 -# This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: EnforcedStyle. -# SupportedStyles: separated, grouped -Style/AccessorGrouping: - Exclude: - - 'lib/jwe/alg/aes_kw.rb' - - 'lib/jwe/enc/aes_cbc_hs.rb' - - 'lib/jwe/enc/aes_gcm.rb' - -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -Style/ExpandPathArguments: - Exclude: - - 'jwe.gemspec' - -# Offense count: 2 -# This cop supports safe autocorrection (--autocorrect). -Style/IfUnlessModifier: - Exclude: - - 'lib/jwe/alg/aes_kw.rb' - - 'lib/jwe/enc/aes_cbc_hs.rb' - -# Offense count: 1 -# This cop supports safe autocorrection (--autocorrect). -Style/PerlBackrefs: - Exclude: - - 'lib/jwe.rb' diff --git a/jwe.gemspec b/jwe.gemspec index 26348d9..07314d4 100644 --- a/jwe.gemspec +++ b/jwe.gemspec @@ -1,6 +1,6 @@ # frozen_string_literal: true -lib = File.expand_path('../lib/', __FILE__) +lib = File.expand_path('lib', __dir__) $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) require 'jwe/version' diff --git a/lib/jwe.rb b/lib/jwe.rb index afbcf08..be8f36b 100644 --- a/lib/jwe.rb +++ b/lib/jwe.rb @@ -75,7 +75,7 @@ def check_key(key) end def param_to_class_name(param) - klass = param.gsub(/[-+]/, '_').downcase.sub(/^[a-z\d]*/) { $&.capitalize } + klass = param.gsub(/[-+]/, '_').downcase.sub(/^[a-z\d]*/) { ::Regexp.last_match(0).capitalize } klass.gsub(/_([a-z\d]*)/i) { Regexp.last_match(1).capitalize } end diff --git a/lib/jwe/alg/aes_kw.rb b/lib/jwe/alg/aes_kw.rb index d885815..a325d69 100644 --- a/lib/jwe/alg/aes_kw.rb +++ b/lib/jwe/alg/aes_kw.rb @@ -6,8 +6,7 @@ module JWE module Alg # Generic AES Key Wrapping algorithm for any key size. module AesKw - attr_accessor :key - attr_accessor :iv + attr_accessor :key, :iv def initialize(key = nil, iv = "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6") self.iv = iv.b @@ -45,9 +44,7 @@ def decrypt(encrypted_cek) a, r = kw_decrypt_round(j, a, r) end - if a != iv - raise StandardError.new('The encrypted key has been tampered. Do not use this key.') - end + raise StandardError.new('The encrypted key has been tampered. Do not use this key.') if a != iv r.join end diff --git a/lib/jwe/enc/aes_cbc_hs.rb b/lib/jwe/enc/aes_cbc_hs.rb index 13b81af..3346007 100644 --- a/lib/jwe/enc/aes_cbc_hs.rb +++ b/lib/jwe/enc/aes_cbc_hs.rb @@ -6,9 +6,7 @@ module JWE module Enc # Abstract AES in Block cipher mode, with message signature for different key sizes. module AesCbcHs - attr_accessor :cek - attr_accessor :iv - attr_accessor :tag + attr_accessor :cek, :iv, :tag def initialize(cek = nil, iv = nil) self.iv = iv @@ -30,9 +28,7 @@ def decrypt(ciphertext, authenticated_data) raise JWE::BadCEK, "The supplied key is invalid. Required length: #{key_length}" if cek.length != key_length signature = generate_tag(authenticated_data, iv, ciphertext) - if signature != tag - raise JWE::InvalidData, 'Authentication tag verification failed' - end + raise JWE::InvalidData, 'Authentication tag verification failed' if signature != tag cipher_round(:decrypt, iv, ciphertext) rescue OpenSSL::Cipher::CipherError diff --git a/lib/jwe/enc/aes_gcm.rb b/lib/jwe/enc/aes_gcm.rb index f1b24e4..e52c44a 100644 --- a/lib/jwe/enc/aes_gcm.rb +++ b/lib/jwe/enc/aes_gcm.rb @@ -6,9 +6,7 @@ module JWE module Enc # Abstract AES in Galois Counter mode for different key sizes. module AesGcm - attr_accessor :cek - attr_accessor :iv - attr_accessor :tag + attr_accessor :cek, :iv, :tag def initialize(cek = nil, iv = nil) self.iv = iv From ff435de98ceea0c3de00fe4ebf465ed63f9cb574 Mon Sep 17 00:00:00 2001 From: Joakim Antman Date: Sun, 24 Aug 2025 13:00:36 +0300 Subject: [PATCH 3/4] Fix accessor lint issues --- .rubocop_todo.yml | 6 ------ lib/jwe/enc/aes_cbc_hs.rb | 2 +- lib/jwe/enc/aes_gcm.rb | 2 +- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index bcd0b7a..ebebb56 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -6,12 +6,6 @@ # Note that changes in the inspected code, or installation of new # versions of RuboCop, may require this file to be generated again. -# Offense count: 6 -Lint/DuplicateMethods: - Exclude: - - 'lib/jwe/enc/aes_cbc_hs.rb' - - 'lib/jwe/enc/aes_gcm.rb' - # Offense count: 15 # Configuration parameters: MinNameLength, AllowNamesEndingInNumbers, AllowedNames, ForbiddenNames. # AllowedNames: as, at, by, cc, db, id, if, in, io, ip, of, on, os, pp, to diff --git a/lib/jwe/enc/aes_cbc_hs.rb b/lib/jwe/enc/aes_cbc_hs.rb index 3346007..5dc6cb2 100644 --- a/lib/jwe/enc/aes_cbc_hs.rb +++ b/lib/jwe/enc/aes_cbc_hs.rb @@ -6,7 +6,7 @@ module JWE module Enc # Abstract AES in Block cipher mode, with message signature for different key sizes. module AesCbcHs - attr_accessor :cek, :iv, :tag + attr_writer :cek, :iv, :tag def initialize(cek = nil, iv = nil) self.iv = iv diff --git a/lib/jwe/enc/aes_gcm.rb b/lib/jwe/enc/aes_gcm.rb index e52c44a..dd89d40 100644 --- a/lib/jwe/enc/aes_gcm.rb +++ b/lib/jwe/enc/aes_gcm.rb @@ -6,7 +6,7 @@ module JWE module Enc # Abstract AES in Galois Counter mode for different key sizes. module AesGcm - attr_accessor :cek, :iv, :tag + attr_writer :iv, :cek, :tag def initialize(cek = nil, iv = nil) self.iv = iv From 5794e5bbdcc51763207284276f01c2a9cfdf49a8 Mon Sep 17 00:00:00 2001 From: Joakim Antman Date: Sun, 24 Aug 2025 15:14:27 +0300 Subject: [PATCH 4/4] Fix accessor lint issues Allow some short param names --- .rubocop.yml | 6 ++++-- .rubocop_todo.yml | 19 ------------------- 2 files changed, 4 insertions(+), 21 deletions(-) delete mode 100644 .rubocop_todo.yml diff --git a/.rubocop.yml b/.rubocop.yml index 58ec2ae..48e7d18 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,5 +1,3 @@ -inherit_from: .rubocop_todo.yml - AllCops: TargetRubyVersion: 2.5 NewCops: enable @@ -17,3 +15,7 @@ Metrics/BlockLength: Style/PercentLiteralDelimiters: PreferredDelimiters: "%w": "[]" + +Naming/MethodParameterName: + AllowedNames: ["iv", "b", "j", "a", "r", "t"] + diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml deleted file mode 100644 index ebebb56..0000000 --- a/.rubocop_todo.yml +++ /dev/null @@ -1,19 +0,0 @@ -# This configuration was generated by -# `rubocop --auto-gen-config` -# on 2025-02-16 07:54:09 UTC using RuboCop version 1.72.1. -# The point is for the user to remove these configuration records -# one by one as the offenses are removed from the code base. -# Note that changes in the inspected code, or installation of new -# versions of RuboCop, may require this file to be generated again. - -# Offense count: 15 -# Configuration parameters: MinNameLength, AllowNamesEndingInNumbers, AllowedNames, ForbiddenNames. -# AllowedNames: as, at, by, cc, db, id, if, in, io, ip, of, on, os, pp, to -Naming/MethodParameterName: - Exclude: - - 'lib/jwe/alg/aes_kw.rb' - - 'lib/jwe/enc.rb' - - 'lib/jwe/enc/aes_cbc_hs.rb' - - 'lib/jwe/enc/aes_gcm.rb' - - 'lib/jwe/serialization/compact.rb' -