Merge rubygems master.

  This is RC version of Rubygems 2.7.0.
  https://github.com/rubygems/rubygems/commit/688fb7e83c13c3fe7c2bb03c49a2db4c82852aee

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60133 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 10 insertions, 3 deletions

diff --git a/lib/rubygems/security.rb b/lib/rubygems/security.rb
index 6963ca156f..4690dd9230 100644
--- a/lib/rubygems/security.rb
+++ b/lib/rubygems/security.rb
@@ -340,7 +340,9 @@ module Gem::Security
   # Digest algorithm used to sign gems
 
   DIGEST_ALGORITHM =
-    if defined?(OpenSSL::Digest::SHA1) then
+    if defined?(OpenSSL::Digest::SHA256) then
+      OpenSSL::Digest::SHA256
+    elsif defined?(OpenSSL::Digest::SHA1) then
       OpenSSL::Digest::SHA1
     end
 
@@ -363,7 +365,7 @@ module Gem::Security
   ##
   # Length of keys created by KEY_ALGORITHM
 
-  KEY_LENGTH = 2048
+  KEY_LENGTH = 3072
 
   ##
   # Cipher used to encrypt the key pair used to sign gems.
@@ -372,9 +374,14 @@ module Gem::Security
   KEY_CIPHER = OpenSSL::Cipher.new('AES-256-CBC') if defined?(OpenSSL::Cipher)
 
   ##
+  # One day in seconds
+
+  ONE_DAY = 86400
+
+  ##
   # One year in seconds
 
-  ONE_YEAR = 86400 * 365
+  ONE_YEAR = ONE_DAY * 365
 
   ##
   # The default set of extensions are: