Ensured JCA Name comparison is not case sensitive per Java Security S…

…tandard Algorithm Names documentation. Accompanied with test case for regression.

Resolves jwtk#381

api/src/main/java/io/jsonwebtoken/SignatureAlgorithm.java

@@ -349,7 +349,11 @@ private void assertValid(Key key, boolean signing) throws InvalidKeyException {
             if (alg == null) {
                 throw new InvalidKeyException("The " + keyType(signing) + " key's algorithm cannot be null.");
             }
-            if (!HS256.jcaName.equals(alg) && !HS384.jcaName.equals(alg) && !HS512.jcaName.equals(alg)) {
+
+            // These next checks use equalsIgnoreCase per https://github.com/jwtk/jjwt/issues/381#issuecomment-412912272
+            if (!HS256.jcaName.equalsIgnoreCase(alg) &&
+                !HS384.jcaName.equalsIgnoreCase(alg) &&
+                !HS512.jcaName.equalsIgnoreCase(alg)) {
                 throw new InvalidKeyException("The " + keyType(signing) + " key's algorithm '" + alg +
                     "' does not equal a valid HmacSHA* algorithm name and cannot be used with " + name() + ".");
             }

api/src/test/groovy/io/jsonwebtoken/SignatureAlgorithmTest.groovy

@@ -372,6 +372,25 @@ class SignatureAlgorithmTest {
         }
     }
 
+    @Test // https://github.com/jwtk/jjwt/issues/381
+    void testAssertValidHmacSigningKeyCaseInsensitiveJcaName() {
+
+        for (SignatureAlgorithm alg : SignatureAlgorithm.values().findAll { it.isHmac() }) {
+
+            SecretKey key = createMock(SecretKey)
+            int numBits = alg.minKeyLength
+            int numBytes = numBits / 8 as int
+            expect(key.getEncoded()).andReturn(new byte[numBytes])
+            expect(key.getAlgorithm()).andReturn(alg.jcaName.toUpperCase()) // <-- upper case, non standard JCA name
+
+            replay key
+
+            alg.assertValidSigningKey(key)
+
+            verify key
+        }
+    }
+
     @Test
     void testAssertValidHmacSigningKeyUnsupportedAlgorithm() {