There is a need to override the keystore signature algorithm. Today we autodetect the signature algorithm using keytool, however there is a scenario where the SHA256withRSA signature algorithm is detected when it should be SHA1withRSA.
A way to deal with this is to simply add a new command line option: --keystore-sigalg. It does not have a default "value", but the default behavior will be to continue to do what we do today. When the --keystore-sigalg is specified, it would simply override the detected signature algorithm before calling jarsigner. This change would take place here: https://github.com/appcelerator/titanium_mobile/blob/master/android/cli/commands/_build.js#L4096.