Unable to match signature header - sha1 issue

[zajinx]

When using webhook the signature header validation fails on Almalinux 9.4 and php83 (via virtualmin) because it uses sha1, when i update the code to use sha2 the problem went away.

/src/Controllers/WebhookController.php
line 31 changed from
$encodedSignature = $request->header('x-postal-signature');
to
$encodedSignature = $request->header('x-postal-signature-256');

and

line 39 changed from
$result = openssl_verify($body, $signature, $rsa_key, OPENSSL_ALGO_SHA1);
to
$result = openssl_verify($body, $signature, $rsa_key, OPENSSL_ALGO_SHA256);

[willpower232]

I see they added sha2 in 3.2.0.

What error message did you get before updating the code?