MD5 APK signatures are still supported by Android and are accepted by Google Play when you upload an APK there.
See https://forum.f-droid.org/t/many-old-unmaintained-apps-have-... for more discussion about this in the context of F-Droid. I believe F-Droid was (is) using Oracle jarsigner to verify APK signatures and this is what causing F-Droid to reject APKs with MD5 signatures.
See https://forum.f-droid.org/t/many-old-unmaintained-apps-have-... for more discussion about this in the context of F-Droid. I believe F-Droid was (is) using Oracle jarsigner to verify APK signatures and this is what causing F-Droid to reject APKs with MD5 signatures.