From 676e91a51b01e29a2949384df38058f02d6336e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20M=C3=BCller?= <robert.mueller@fatchip.de>
Date: Thu, 13 Jun 2024 16:00:49 +0200
Subject: [PATCH 1/2] MAG2-310 - Changed default hash algorithm for key param
 to sha2-384

---
 Helper/Toolkit.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Helper/Toolkit.php b/Helper/Toolkit.php
index c177e1f6..4e7c1baf 100644
--- a/Helper/Toolkit.php
+++ b/Helper/Toolkit.php
@@ -266,7 +266,7 @@ public function generateUUIDv4()
      * @param  string $sString
      * @return string
      */
-    public function hashString($sString, $sAlgorithm = 'md5', $sKey = false)
+    public function hashString($sString, $sAlgorithm = 'sha384', $sKey = false)
     {
         if ($sAlgorithm == "sha384" && $sKey !== false) {
             return hash_hmac($sAlgorithm, $sString, $sKey);

From f9926fd50760e6ca87f574aa52404c6b45f820b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20M=C3=BCller?= <robert.mueller@fatchip.de>
Date: Mon, 17 Jun 2024 16:09:42 +0200
Subject: [PATCH 2/2] MAG2-310 - Changed hash algorithm for transactionstatus
 processing

---
 Helper/Toolkit.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Helper/Toolkit.php b/Helper/Toolkit.php
index 4e7c1baf..fa9451a2 100644
--- a/Helper/Toolkit.php
+++ b/Helper/Toolkit.php
@@ -108,7 +108,7 @@ public function isKeyValid($sKey)
     {
         $aKeyValues = $this->getAllPayoneSecurityKeys();
         foreach ($aKeyValues as $sConfigKey) {
-            if ($this->hashString($sConfigKey ?? '') == $sKey) {
+            if ($this->hashString($sConfigKey ?? '', 'md5') == $sKey) {
                 return true;
             }
         }