From 61922c8ba73d7aa4dde591c9cb0641baaa262dfb Mon Sep 17 00:00:00 2001
From: Jeroen De Meerleer <me@jeroened.be>
Date: Thu, 20 May 2021 12:22:47 +0200
Subject: [PATCH] using variable instead of hardcoded hashing method

---
 src/Repository/Secret.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Repository/Secret.php b/src/Repository/Secret.php
index 8c9d229..2484147 100644
--- a/src/Repository/Secret.php
+++ b/src/Repository/Secret.php
@@ -13,7 +13,7 @@ class Secret
         $iv = openssl_random_pseudo_bytes(16);
 
         $ciphertext = openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv);
-        $hash = hash_hmac('sha256', $ciphertext . $iv, $key, true);
+        $hash = hash_hmac($_ENV['HASHING_METHOD'], $ciphertext . $iv, $key, true);
 
         return $iv . $hash . $ciphertext;
     }