NelmioSecurityBundle
Update the default hashing algorithm used in signed cookies
trafficstars
This bundle uses sha256 as the default hashing algorithm for signed cookies:
https://github.com/nelmio/NelmioSecurityBundle/blob/93f80092dce178e77876c2ef4224e74f18c385c7/src/DependencyInjection/Configuration.php#L255
This might no longer be safe enough: https://en.wikipedia.org/wiki/SHA-2#Comparison_of_SHA_functions
Maybe we can move to sha3-256 or higher, which is also supported by PHP? https://www.php.net/manual/en/function.hash-algos.php
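To make the proposal concrete, here is an added illustration (not code from NelmioSecurityBundle, and not a statement about how the bundle's signer is implemented) of signing and verifying a cookie value with `hash_hmac()` where the hash name is a configurable parameter, so `sha256` and `sha3-256` run side by side. The class name, the `name=value` message layout and the `value.signature` cookie format are assumptions of this example. It is keyed (an HMAC) rather than a bare hash of secret and value, and it compares signatures with `hash_equals()` so that a mismatch does not leak how many leading bytes agreed.

```php
<?php
// Added example, not NelmioSecurityBundle code: an HMAC cookie signer whose
// hash function is a parameter. CookieSigner, the "name=value" message layout
// and the "value.signature" cookie format are assumptions of this illustration.
declare(strict_types=1);

final class CookieSigner
{
    public function __construct(
        private string $secret,
        private string $algo = 'sha256', // any name listed by hash_hmac_algos()
    ) {
        if (!in_array($algo, hash_hmac_algos(), true)) {
            throw new InvalidArgumentException("Unsupported HMAC algorithm: {$algo}");
        }
    }

    /** Returns "<value>.<hex signature>"; the MAC covers both cookie name and value. */
    public function sign(string $name, string $value): string
    {
        return $value . '.' . hash_hmac($this->algo, $name . '=' . $value, $this->secret);
    }

    /** Returns the original value, or null if the signature is missing or does not match. */
    public function verify(string $name, string $signed): ?string
    {
        $pos = strrpos($signed, '.');
        if ($pos === false) {
            return null;
        }
        $value = substr($signed, 0, $pos);
        $sig = substr($signed, $pos + 1);
        $expected = hash_hmac($this->algo, $name . '=' . $value, $this->secret);

        // Constant-time comparison of the two hex digests.
        return hash_equals($expected, $sig) ? $value : null;
    }
}

// Constructed demo secret; a real deployment reads it from configuration.
$secret = 'constructed-demo-secret-not-for-production';

foreach (['sha256', 'sha3-256'] as $algo) {
    $signer = new CookieSigner($secret, $algo);
    $signed = $signer->sign('session', 'user42');
    $sigOnly = substr($signed, strrpos($signed, '.') + 1);

    printf("%-9s signed cookie : %s\n", $algo, $signed);
    printf("%-9s valid verify  : %s\n", $algo, var_export($signer->verify('session', $signed) === 'user42', true));
    // Same signature, different value: must be rejected.
    printf("%-9s tampered value: %s\n", $algo, var_export($signer->verify('session', 'admin.' . $sigOnly) === null, true));
    // Same value, signed for a different cookie name: must be rejected.
    printf("%-9s wrong name    : %s\n", $algo, var_export($signer->verify('other', $signed) === null, true));
}
```

Switching the algorithm only changes the `$algo` string, which is the shape a configuration option like the one discussed in this issue would take; `hash_hmac_algos()` reports which names the running PHP build accepts, so an unsupported choice fails at construction time rather than silently producing unverifiable cookies.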