jwt · anakinj · Aug 24, 2025 · Aug 24, 2025 · Aug 24, 2025 · Aug 24, 2025
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -1,5 +1,3 @@
-inherit_from: .rubocop_todo.yml
-
 AllCops:
   TargetRubyVersion: 2.5
   NewCops: enable
@@ -17,3 +15,7 @@ Metrics/BlockLength:
 Style/PercentLiteralDelimiters:
   PreferredDelimiters:
     "%w": "[]"
+
+Naming/MethodParameterName:
+  AllowedNames: ["iv", "b", "j", "a", "r", "t"]
+
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
diff --git a/jwe.gemspec b/jwe.gemspec
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-lib = File.expand_path('../lib/', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'jwe/version'
 

diff --git a/lib/jwe.rb b/lib/jwe.rb
@@ -75,7 +75,7 @@ def check_key(key)
     end
 
     def param_to_class_name(param)
-      klass = param.gsub(/[-\+]/, '_').downcase.sub(/^[a-z\d]*/) { $&.capitalize }
+      klass = param.gsub(/[-+]/, '_').downcase.sub(/^[a-z\d]*/) { ::Regexp.last_match(0).capitalize }
       klass.gsub(/_([a-z\d]*)/i) { Regexp.last_match(1).capitalize }
     end
 

diff --git a/lib/jwe/alg/aes_kw.rb b/lib/jwe/alg/aes_kw.rb
@@ -6,8 +6,7 @@ module JWE
   module Alg
     # Generic AES Key Wrapping algorithm for any key size.
     module AesKw
-      attr_accessor :key
-      attr_accessor :iv
+      attr_accessor :key, :iv
 
       def initialize(key = nil, iv = "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6")
         self.iv = iv.b
@@ -45,9 +44,7 @@ def decrypt(encrypted_cek)
           a, r = kw_decrypt_round(j, a, r)
         end
 
-        if a != iv
-          raise StandardError.new('The encrypted key has been tampered. Do not use this key.')
-        end
+        raise StandardError.new('The encrypted key has been tampered. Do not use this key.') if a != iv
 
         r.join
       end

diff --git a/lib/jwe/enc/aes_cbc_hs.rb b/lib/jwe/enc/aes_cbc_hs.rb
@@ -6,9 +6,7 @@ module JWE
   module Enc
     # Abstract AES in Block cipher mode, with message signature for different key sizes.
     module AesCbcHs
-      attr_accessor :cek
-      attr_accessor :iv
-      attr_accessor :tag
+      attr_writer :cek, :iv, :tag
 
       def initialize(cek = nil, iv = nil)
         self.iv = iv
@@ -30,9 +28,7 @@ def decrypt(ciphertext, authenticated_data)
         raise JWE::BadCEK, "The supplied key is invalid. Required length: #{key_length}" if cek.length != key_length
 
         signature = generate_tag(authenticated_data, iv, ciphertext)
-        if signature != tag
-          raise JWE::InvalidData, 'Authentication tag verification failed'
-        end
+        raise JWE::InvalidData, 'Authentication tag verification failed' if signature != tag
 
         cipher_round(:decrypt, iv, ciphertext)
       rescue OpenSSL::Cipher::CipherError

diff --git a/lib/jwe/enc/aes_gcm.rb b/lib/jwe/enc/aes_gcm.rb
@@ -6,9 +6,7 @@ module JWE
   module Enc
     # Abstract AES in Galois Counter mode for different key sizes.
     module AesGcm
-      attr_accessor :cek
-      attr_accessor :iv
-      attr_accessor :tag
+      attr_writer :iv, :cek, :tag
 
       def initialize(cek = nil, iv = nil)
         self.iv = iv