From 09445236a4f2ea6e4464e631eff065d4ffdf4d56 Mon Sep 17 00:00:00 2001
From: Adrien Waksberg <git@yae.im>
Date: Sat, 20 Jul 2019 17:18:52 +0200
Subject: [PATCH] feat: replace sha1 to sha512 in pbkdf2.Key function

---
 CHANGELOG.md  | 1 +
 gpm/crypto.go | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c5791e9..d7a1711 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
 
 - Prefix error message with ERROR 
 - Fix new line with clear input
+- Replace sha1 to sha512 in pbkdf2.Key function
 
 ## v1.0.0 - 2019-07-12
 
diff --git a/gpm/crypto.go b/gpm/crypto.go
index 6488594..28e16de 100644
--- a/gpm/crypto.go
+++ b/gpm/crypto.go
@@ -16,7 +16,7 @@ package gpm
 
 import(
   "crypto/aes"
-  "crypto/sha1"
+  "crypto/sha512"
   "crypto/cipher"
   "crypto/rand"
   "encoding/base64"
@@ -29,7 +29,7 @@ import(
 
 // Encrypt data with aes256
 func Encrypt(data []byte, passphrase string, salt string) (string, error) {
-  key := pbkdf2.Key([]byte(passphrase), []byte(salt), 4096, 32, sha1.New)
+  key := pbkdf2.Key([]byte(passphrase), []byte(salt), 4096, 32, sha512.New)
 
   block, err := aes.NewCipher([]byte(key))
   if err != nil {
@@ -54,7 +54,7 @@ func Encrypt(data []byte, passphrase string, salt string) (string, error) {
 
 // Decrypt data
 func Decrypt(data string, passphrase string, salt string) ([]byte, error) {
-  key := pbkdf2.Key([]byte(passphrase), []byte(salt), 4096, 32, sha1.New)
+  key := pbkdf2.Key([]byte(passphrase), []byte(salt), 4096, 32, sha512.New)
 
   rawData, err := base64.StdEncoding.DecodeString(data)
   if err != nil {