From d88914b466363c57056bf1e9938b02dc8cfbbd8b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Mart=C3=AD?= <mvdan@mvdan.cc>
Date: Thu, 24 Sep 2015 18:50:51 -0700
Subject: [PATCH] Replace MD5withRSA with SHA1withRSA. Fixes #26.

Looks to me like we were using SHA1withRSA all along. Tested that everything
still works with a test repo.

As Hans reports, SHA1withRSA has been the default on Android tools for a long
time and it's supported on all Android versions.
---
 fdroidserver/publish.py   | 2 +-
 fdroidserver/signindex.py | 2 +-
 fdroidserver/update.py    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/fdroidserver/publish.py b/fdroidserver/publish.py
index 74f16206..1e4fbeb8 100644
--- a/fdroidserver/publish.py
+++ b/fdroidserver/publish.py
@@ -184,7 +184,7 @@ def main():
             p = FDroidPopen(['jarsigner', '-keystore', config['keystore'],
                              '-storepass:file', config['keystorepassfile'],
                              '-keypass:file', config['keypassfile'], '-sigalg',
-                             'MD5withRSA', '-digestalg', 'SHA1',
+                             'SHA1withRSA', '-digestalg', 'SHA1',
                              apkfile, keyalias])
             # TODO keypass should be sent via stdin
             if p.returncode != 0:
diff --git a/fdroidserver/signindex.py b/fdroidserver/signindex.py
index 9b571a20..50a43455 100644
--- a/fdroidserver/signindex.py
+++ b/fdroidserver/signindex.py
@@ -55,7 +55,7 @@ def main():
 
             args = ['jarsigner', '-keystore', config['keystore'],
                     '-storepass:file', config['keystorepassfile'],
-                    '-digestalg', 'SHA1', '-sigalg', 'MD5withRSA',
+                    '-digestalg', 'SHA1', '-sigalg', 'SHA1withRSA',
                     unsigned, config['repo_keyalias']]
             if config['keystore'] == 'NONE':
                 args += config['smartcardoptions']
diff --git a/fdroidserver/update.py b/fdroidserver/update.py
index f4acc67c..4758e789 100644
--- a/fdroidserver/update.py
+++ b/fdroidserver/update.py
@@ -955,7 +955,7 @@ def make_index(apps, sortedids, apks, repodir, archive, categories):
         else:
             args = ['jarsigner', '-keystore', config['keystore'],
                     '-storepass:file', config['keystorepassfile'],
-                    '-digestalg', 'SHA1', '-sigalg', 'MD5withRSA',
+                    '-digestalg', 'SHA1', '-sigalg', 'SHA1withRSA',
                     signed, config['repo_keyalias']]
             if config['keystore'] == 'NONE':
                 args += config['smartcardoptions']