From f3770c858e72871356f8b31ca6f8b39fea259301 Mon Sep 17 00:00:00 2001
From: Martin Krisell
Date: Mon, 13 Sep 2021 14:58:03 +0200
Subject: [PATCH] Use lowercase for hmac hash algorithm
---
 src/Illuminate/Foundation/Console/stubs/maintenance-mode.stub | 2 +-
 .../Foundation/Http/MaintenanceModeBypassCookie.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/Illuminate/Foundation/Console/stubs/maintenance-mode.stub b/src/Illuminate/Foundation/Console/stubs/maintenance-mode.stub
index d3d7e148444e..283a4d3b2fd6 100644
--- a/src/Illuminate/Foundation/Console/stubs/maintenance-mode.stub
+++ b/src/Illuminate/Foundation/Console/stubs/maintenance-mode.stub
@@ -48,7 +48,7 @@ if (isset($_COOKIE['laravel_maintenance']) && isset($data['secret'])) {
 if (is_array($payload) &&
 is_numeric($payload['expires_at'] ?? null) &&
 isset($payload['mac']) &&
- hash_equals(hash_hmac('SHA256', $payload['expires_at'], $data['secret']), $payload['mac']) &&
+ hash_equals(hash_hmac('sha256', $payload['expires_at'], $data['secret']), $payload['mac']) &&
 (int) $payload['expires_at'] >= time()) {
 return;
 }
diff --git a/src/Illuminate/Foundation/Http/MaintenanceModeBypassCookie.php b/src/Illuminate/Foundation/Http/MaintenanceModeBypassCookie.php
index e566ac86daec..ecb6fb95eea0 100644
--- a/src/Illuminate/Foundation/Http/MaintenanceModeBypassCookie.php
+++ b/src/Illuminate/Foundation/Http/MaintenanceModeBypassCookie.php
@@ -19,7 +19,7 @@ public static function create(string $key)
 return new Cookie('laravel_maintenance', base64_encode(json_encode([
 'expires_at' => $expiresAt->getTimestamp(),
- 'mac' => hash_hmac('SHA256', $expiresAt->getTimestamp(), $key),
+ 'mac' => hash_hmac('sha256', $expiresAt->getTimestamp(), $key),
 ])), $expiresAt);
 }
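Review bot: `isset($payload['mac'])` on the line above the changed one only proves the key is present, so a cookie whose decoded `mac` is not a string still reaches `hash_equals()`. On PHP 8 that call raises a TypeError instead of returning false, so a malformed cookie would surface as an error from the maintenance stub rather than a clean rejection. Adding `is_string($payload['mac']) &&` directly before the `hash_equals(...)` line closes that. The same condition is repeated in `MaintenanceModeBypassCookie::isValid()` in the last hunk and needs the same guard. The enclosing `if (isset($_COOKIE['laravel_maintenance']) ...)` block starts outside the hunk.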
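Review bot: The payload built in `create()` is undocumented even though its security properties are not obvious: the MAC is computed over `expires_at` alone, so the cookie is a bearer credential that any holder can replay until it expires. A comment above the `return new Cookie(...)` statement would record that, for example `// MAC covers only expires_at; the stub and isValid() must recompute it with the same algorithm and input.` The algorithm name is now spelled three times across two files, and nothing visible here ties those copies together. The start of `create()` lies outside the hunk.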
@@ -37,7 +37,7 @@ public static function isValid(string $cookie, string $key)
 return is_array($payload) &&
 is_numeric($payload['expires_at'] ?? null) &&
 isset($payload['mac']) &&
- hash_equals(hash_hmac('SHA256', $payload['expires_at'], $key), $payload['mac']) &&
+ hash_equals(hash_hmac('sha256', $payload['expires_at'], $key), $payload['mac']) &&
 (int) $payload['expires_at'] >= Carbon::now()->getTimestamp();
 }
 }