Draft: Switch to using digest strategies in OpenSSL

This came up in a new linting rule that surfaced in !189 (merged)

After a useful discussion in slack I was able to gain a better understanding of what this rule was trying to accomplish and why, so we've shifted to using the more comprehensive (and compliant) OpenSSL::Digest interface. This required a fairly minor shift in the configuration to keep if from being a messy, so we've deprecated the original context_key_bit_length and instead now provide the context_key_strategy -- which can now be any digest algorithm that OpenSSL::Digest understands.