Changed storage of secret to use an array of bytes instead of a string.

zerodivide1 · zerodivide1 · commit a9bbdfb3b386 · 2015-01-24T15:56:59.000-08:00
Added new constructor to accept the array of bytes.
diff --git a/src/main/java/com/auth0/jwt/JWTSigner.java b/src/main/java/com/auth0/jwt/JWTSigner.java
@@ -26,9 +26,13 @@
  * No support for RSA encryption at present
  */
 public class JWTSigner {
-    private final String secret;
+    private final byte[] secret;
 
     public JWTSigner(String secret) {
+        this(secret.getBytes());
+    }
+
+    public JWTSigner(byte[] secret) {
         this.secret = secret;
     }
 
@@ -216,7 +220,7 @@ private String base64UrlEncode(byte[] str) {
     /**
      * Switch the signing algorithm based on input, RSA not supported
      */
-    private static byte[] sign(Algorithm algorithm, String msg, String secret) throws Exception {
+    private static byte[] sign(Algorithm algorithm, String msg, byte[] secret) throws Exception {
         switch (algorithm) {
         case HS256:
         case HS384:
@@ -233,9 +237,9 @@ private static byte[] sign(Algorithm algorithm, String msg, String secret) throw
     /**
      * Sign an input string using HMAC and return the encrypted bytes
      */
-    private static byte[] signHmac(Algorithm algorithm, String msg, String secret) throws Exception {
+    private static byte[] signHmac(Algorithm algorithm, String msg, byte[] secret) throws Exception {
         Mac mac = Mac.getInstance(algorithm.getValue());
-        mac.init(new SecretKeySpec(secret.getBytes(), algorithm.getValue()));
+        mac.init(new SecretKeySpec(secret, algorithm.getValue()));
         return mac.doFinal(msg.getBytes());
     }
 
