From: Daniel Martí <mvdan@mvdan.cc>
Date: Fri, 25 Sep 2015 01:50:51 +0000 (-0700)
Subject: Replace MD5withRSA with SHA1withRSA. Fixes #26.
X-Git-Tag: 0.5.0~75
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=d88914b466363c57056bf1e9938b02dc8cfbbd8b;p=fdroidserver.git

Replace MD5withRSA with SHA1withRSA. Fixes #26.

Looks to me like we were using SHA1withRSA all along. Tested that everything
still works with a test repo.

As Hans reports, SHA1withRSA has been the default on Android tools for a long
time and it's supported on all Android versions.
---

diff --git a/fdroidserver/publish.py b/fdroidserver/publish.py
index 74f16206..1e4fbeb8 100644
--- a/fdroidserver/publish.py
+++ b/fdroidserver/publish.py
@@ -184,7 +184,7 @@ def main():
             p = FDroidPopen(['jarsigner', '-keystore', config['keystore'],
                              '-storepass:file', config['keystorepassfile'],
                              '-keypass:file', config['keypassfile'], '-sigalg',
-                             'MD5withRSA', '-digestalg', 'SHA1',
+                             'SHA1withRSA', '-digestalg', 'SHA1',
                              apkfile, keyalias])
             # TODO keypass should be sent via stdin
             if p.returncode != 0:
diff --git a/fdroidserver/signindex.py b/fdroidserver/signindex.py
index 9b571a20..50a43455 100644
--- a/fdroidserver/signindex.py
+++ b/fdroidserver/signindex.py
@@ -55,7 +55,7 @@ def main():
 
             args = ['jarsigner', '-keystore', config['keystore'],
                     '-storepass:file', config['keystorepassfile'],
-                    '-digestalg', 'SHA1', '-sigalg', 'MD5withRSA',
+                    '-digestalg', 'SHA1', '-sigalg', 'SHA1withRSA',
                     unsigned, config['repo_keyalias']]
             if config['keystore'] == 'NONE':
                 args += config['smartcardoptions']
diff --git a/fdroidserver/update.py b/fdroidserver/update.py
index f4acc67c..4758e789 100644
--- a/fdroidserver/update.py
+++ b/fdroidserver/update.py
@@ -955,7 +955,7 @@ def make_index(apps, sortedids, apks, repodir, archive, categories):
         else:
             args = ['jarsigner', '-keystore', config['keystore'],
                     '-storepass:file', config['keystorepassfile'],
-                    '-digestalg', 'SHA1', '-sigalg', 'MD5withRSA',
+                    '-digestalg', 'SHA1', '-sigalg', 'SHA1withRSA',
                     signed, config['repo_keyalias']]
             if config['keystore'] == 'NONE':
                 args += config['smartcardoptions']