Comment 1 for bug 203994

One could change fetch script generated by apt-zip to use 'sha256sum' instead of 'md5sum' to check for the checksum. Here is the changed check() function inside the fetch script:

check(){
    [ ! -r "$1" ] && return 1
    [ "`type sha256sum`" ] &&
        if [ "`sha256sum $1 | cut -d' ' -f1`" = "`echo $2 | cut -d':' -f2`" ]
        then return 0
        else err $1 "wrong MD5"; return 1
        fi
    [ "`type gzip`" ] &&
        if ar p $1 data.tar.gz | gzip -t
        then return 0
        else err $1 "wrong contents"; return 1
        fi
    return $3
}

I have used this to fetch the .debs for the two boxes while doing 7.10 -> 8.04 upgrade.