This is a parent ticket for finding every use of SHA-1 in our specs/design and code, detailing it, and coming up with a plan to replace it. From [the Seattle notes](https://trac.torproject.org/projects/tor/wiki/org/meetings/2018NetworkTeamHackfestSeattle/OldCrypto), we use truncated SHA-1 in v2 onion services and `relay_crypt_one_payload()`, and we use full width SHA-1 for relay fingerprints and, again, v2 onion services. Nick has also written [a draft document](https://gitweb.torproject.org/torspec.git/tree/proposals/ideas/xxx-what-uses-sha1.txt) detailing where we use SHA-1, however it is presently outdated and incorrect in some places.