authorBart de Water <496367+bdewater@users.noreply.github.com>2020-06-29 18:31:15 -0400
committerHiroshi SHIBATA <hsbt@ruby-lang.org>2020-07-31 21:07:19 +0900
commit734c5276f0ad1215eeba2f5884b384b1ffbbefc7 (patch)
tree9b8f0bfc7b1bc2c27c381a000fc1fb3ced2d4eee
parent8161cf85ba4f9091176536bcac9107879e4293a1 (diff)
[rubygems/rubygems] Simplify digest name selection and use SHA256
The previous commit introduces the Gem::Security.create_digest method, allowing to: - decouple algorithm choice from implementation (OpenSSL or Ruby built-in) - untangle the SHA512 fallback for TarWriter from the generic hashing digest choice (undoing commit 9471f8ed2bdc12248d2619bbbce6e53cd6c16cb6) https://github.com/rubygems/rubygems/commit/1bc03231e4
Notes
Notes: Merged: https://github.com/ruby/ruby/pull/3379
-rw-r--r--lib/rubygems/package/tar_writer.rb4
-rw-r--r--lib/rubygems/security.rb9
2 files changed, 2 insertions, 11 deletions
diff --git a/lib/rubygems/package/tar_writer.rb b/lib/rubygems/package/tar_writer.rb
index 3abfb0ca2c..877cc167c9 100644
--- a/lib/rubygems/package/tar_writer.rb
+++ b/lib/rubygems/package/tar_writer.rb
@@ -4,8 +4,6 @@
# See LICENSE.txt for additional licensing information.
#++
-require 'digest'
-
##
# Allows writing of tar files
@@ -168,7 +166,7 @@ class Gem::Package::TarWriter
def add_file_signed(name, mode, signer)
digest_algorithms = [
signer.digest_algorithm,
- Digest::SHA512.new,
+ Gem::Security.create_digest('SHA512'),
].compact.uniq
digests = add_file_digest name, mode, digest_algorithms do |io|
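Review bot: The new `Gem::Security.create_digest('SHA512')` entry in `add_file_signed` needs `Gem::Security` to be loaded already, yet the first hunk drops `require 'digest'` and no hunk on this page adds a require for the security module in tar_writer.rb. Whatever loads the package code presumably satisfies this, but if tar_writer.rb can be required on its own, the call would fail only when a signed file is written. Consider adding `require 'rubygems/security'` at the top of the file, or a comment stating where the dependency is loaded. The body of `add_file_signed` continues past the end of this hunk.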
diff --git a/lib/rubygems/security.rb b/lib/rubygems/security.rb
index 64fb4c0f83..93bc6588e6 100644
--- a/lib/rubygems/security.rb
+++ b/lib/rubygems/security.rb
@@ -341,14 +341,7 @@ module Gem::Security
##
# Used internally to select the signing digest from all computed digests
- DIGEST_NAME = # :nodoc:
- if defined?(OpenSSL::Digest::SHA256)
- 'SHA256'
- elsif defined?(OpenSSL::Digest::SHA1)
- 'SHA1'
- else
- 'SHA512'
- end
+ DIGEST_NAME = 'SHA256' # :nodoc:
##
# Algorithm for creating the key pair used to sign gems
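Review bot: The comment above `DIGEST_NAME` does not record that the value is now fixed, or that the removed SHA1 branch should not be reintroduced, which is the security-relevant part of this hunk. Because the constant selects which computed digest is signed, a short why-comment would help, for example `# Always SHA256; SHA1 is deliberately not a fallback for signing.` It is also worth confirming, since it is not visible here, how verification treats gems signed where the old code selected SHA1 or SHA512, as the lookup presumably uses this name.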