From f80d947113b9c3008842f0bdcd60d83146f8bb4c Mon Sep 17 00:00:00 2001
From: Mikolaj Izdebski <mizdebsk@redhat.com>
Date: Thu, 28 Oct 2021 10:05:39 +0200
Subject: [PATCH] Remove use of deprecated SHA-1 and MD5 algorithms

Resolves: rhbz#1936601
---
 ...-deprecated-SHA-1-and-MD5-algorithms.patch | 37 +++++++++++++++++++
 maven-resolver.spec                           | 11 +++++-
 2 files changed, 46 insertions(+), 2 deletions(-)
 create mode 100644 0001-Remove-use-of-deprecated-SHA-1-and-MD5-algorithms.patch

diff --git a/0001-Remove-use-of-deprecated-SHA-1-and-MD5-algorithms.patch b/0001-Remove-use-of-deprecated-SHA-1-and-MD5-algorithms.patch
new file mode 100644
index 0000000..db6a544
--- /dev/null
+++ b/0001-Remove-use-of-deprecated-SHA-1-and-MD5-algorithms.patch
@@ -0,0 +1,37 @@
+From 8f7d5c7c763f66035dda86012d58744547672abe Mon Sep 17 00:00:00 2001
+From: Mikolaj Izdebski <mizdebsk@redhat.com>
+Date: Thu, 28 Oct 2021 10:03:13 +0200
+Subject: [PATCH] Remove use of deprecated SHA-1 and MD5 algorithms
+
+---
+ .../aether/repository/AuthenticationDigest.java       | 11 ++---------
+ 1 file changed, 2 insertions(+), 9 deletions(-)
+
+diff --git a/maven-resolver-api/src/main/java/org/eclipse/aether/repository/AuthenticationDigest.java b/maven-resolver-api/src/main/java/org/eclipse/aether/repository/AuthenticationDigest.java
+index 27b88c02..6236e7b2 100644
+--- a/maven-resolver-api/src/main/java/org/eclipse/aether/repository/AuthenticationDigest.java
++++ b/maven-resolver-api/src/main/java/org/eclipse/aether/repository/AuthenticationDigest.java
+@@ -98,18 +98,11 @@ public final class AuthenticationDigest
+     {
+         try
+         {
+-            return MessageDigest.getInstance( "SHA-1" );
++            return MessageDigest.getInstance( "SHA-256" );
+         }
+         catch ( NoSuchAlgorithmException e )
+         {
+-            try
+-            {
+-                return MessageDigest.getInstance( "MD5" );
+-            }
+-            catch ( NoSuchAlgorithmException ne )
+-            {
+-                throw new IllegalStateException( ne );
+-            }
++            throw new IllegalStateException( e );
+         }
+     }
+ 
+-- 
+2.32.0
+
diff --git a/maven-resolver.spec b/maven-resolver.spec
index 28f1f78..67d42f1 100644
--- a/maven-resolver.spec
+++ b/maven-resolver.spec
@@ -3,13 +3,16 @@
 Name:           maven-resolver
 Epoch:          1
 Version:        1.6.1
-Release:        7%{?dist}
+Release:        8%{?dist}
 License:        ASL 2.0
 Summary:        Apache Maven Artifact Resolver library
 URL:            https://maven.apache.org/resolver/
-Source0:        https://archive.apache.org/dist/maven/resolver/%{name}-%{version}-source-release.zip
 BuildArch:      noarch
 
+Source0:        https://archive.apache.org/dist/maven/resolver/%{name}-%{version}-source-release.zip
+
+Patch0:         0001-Remove-use-of-deprecated-SHA-1-and-MD5-algorithms.patch
+
 BuildRequires:  maven-local-openjdk8
 %if %{with bootstrap}
 BuildRequires:  javapackages-bootstrap
@@ -64,6 +67,7 @@ artifact transports and artifact resolution.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %pom_remove_plugin -r :bnd-maven-plugin
 
@@ -113,6 +117,9 @@ done
 %license LICENSE NOTICE
 
 %changelog
+* Fri Nov 12 2021 Mikolaj Izdebski <mizdebsk@redhat.com> - 1:1.6.1-8
+- Remove use of deprecated SHA-1 and MD5 algorithms
+
 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.6.1-7
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
   Related: rhbz#1991688