Merge rubygems master.

This is RC version of Rubygems 2.7.0.
  688fb7e83c

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60133 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

lib/rubygems/commands/cert_command.rb

@@ -84,6 +84,11 @@ class Gem::Commands::CertCommand < Gem::Command
 
       options[:sign] << cert_file
     end
+
+    add_option('-d', '--days NUMBER_OF_DAYS',
+               'Days before the certificate expires') do |days, options|
+                options[:expiration_length_days] = days.to_i
+    end
   end
 
   def add_certificate certificate # :nodoc:
@@ -105,16 +110,20 @@ class Gem::Commands::CertCommand < Gem::Command
       list_certificates_matching filter
     end
 
-    options[:build].each do |name|
-      build name
+    options[:build].each do |email|
+      build email
     end
 
     sign_certificates unless options[:sign].empty?
   end
 
-  def build name
+  def build email
+    if !valid_email?(email)
+      raise Gem::CommandLineError, "Invalid email address #{email}"
+    end
+
     key, key_path = build_key
-    cert_path = build_cert name, key
+    cert_path = build_cert email, key
 
     say "Certificate: #{cert_path}"
 
@@ -124,8 +133,16 @@ class Gem::Commands::CertCommand < Gem::Command
     end
   end
 
-  def build_cert name, key # :nodoc:
-    cert = Gem::Security.create_cert_email name, key
+  def build_cert email, key # :nodoc:
+    expiration_length_days = options[:expiration_length_days]
+    age =
+      if expiration_length_days.nil? || expiration_length_days == 0
+        Gem::Security::ONE_YEAR
+      else
+        Gem::Security::ONE_DAY * expiration_length_days
+      end
+
+    cert = Gem::Security.create_cert_email email, key, age
     Gem::Security.write cert, "gem-public_cert.pem"
   end
 
@@ -273,5 +290,13 @@ For further reading on signing gems see `ri Gem::Security`.
     end
   end
 
+  private
+
+  def valid_email? email
+    # It's simple, but is all we need
+    email =~ /\A.+@.+\z/
+  end
+
+
 end if defined?(OpenSSL::SSL)