Swap out phpseclib's HMAC function.

PHP has a built-in function for HMAC, as such there is little reason to use phpseclib's slower implementation. I specifically modified the wrapper around the HMAC function to retain the same input/output.
nextcloud · lynn-stephenson · Oct 13, 2020 · Oct 13, 2020 · Oct 13, 2020 · Oct 13, 2020
commit 0ae57ce5a2579e0ee59f124705dca12781eabd78
@@ -32,7 +32,6 @@
 use OCP\IConfig;
 use OCP\Security\ICrypto;
 use phpseclib\Crypt\AES;
-use phpseclib\Crypt\Hash;
 
 /**
  * Class Crypto provides a high-level encryption layer using AES-CBC. If no key has been provided
@@ -70,9 +69,7 @@ public function calculateHMAC(string $message, string $password = ''): string {
 			$password = $this->config->getSystemValue('secret');
 		}
 
-		$hash = new Hash('sha512');
-		$hash->setKey($password);
-		return $hash->hash($message);
+		return hash_hmac('sha512', $message, $password, true);
 	}
 
 	/**