Fixes #20323.

DescriptorIndexCollector deletes descriptor files from a previous or
concurrent collect run if it doesn't collect those files itself.  This
is unexpected behavior and differs from what DescriptorCollectorImpl
does.

Fixes #20525.

The history file implementation in `DescriptorReader` writes the
history file passed in `setExcludeFiles()` immediately after reading
and parsing the last descriptor and putting it into the queue,
regardless of whether the application has finished processing those
descriptors.

If the application fails after the history file is written, it may not
be able to process descriptors in the next execution that have still
been in the queue at the time of failing.

This commit deprecates the `setExcludeFiles()` method and replaces it
by a `setHistoryFile()` and a `saveHistoryFile()` method.
Applications would use `setHistoryFile()` before starting to read
descriptors, process all descriptors, perform any cleaning up, and
then call `saveHistoryFile()`.

Implements #20521.

Implements task-20404.

When we recently switched from System.err printing to slf4j logging,
we started logging an IOException that we shouldn't be running into
and that we simply ignored before.  This exception gets thrown when
DescriptorReaderImpl attempts to read a parse history file that
doesn't exist (yet).  We should simply check whether that files exists
before attempting to read it.

Fixes #20320.

Implements #19284.

 - Support more than one "directory-signature" line in a vote, which
   may become relevant when authorities start signing votes using more
   than one algorithm.
 - Provide directory signatures in consensuses and votes in a list
   rather than a map to support multiple signatures made using the
   same identity key digest but different algorithms.
 - Be more lenient about digest lengths in directory signatures which
   may be longer or shorter than 20 bytes.

Implements #18875.

While implementing this, make "sha1" constant and deprecate
RelayNetworkStatusVote.getSigningKeyDigest(), because it's remissible
and ambiguous.  Suggested or based on discussions with iwakeh.

Implements #19285.

Implements #19051.

Based in parts on very helpful suggestions and feedback by iwakeh.

Implements #16873.

And don't break if x is non-numeric.  Spotted by iwakeh.

Previously, we would have added as many copies of a Torperf line as it
contains keys we don't recognize, which is not really usable.

Implements #17934.

This patch is loosely based on metrics-web's hidserv module.

More precisely,
 - support Ed25519 certificates and Ed25519 master keys as well as
   SHA-256 digests and Ed25519 signatures thereof in server
   descriptors and extra-info descriptors,
 - parse RSA-1024 signatures of SHA-1 digests of extra-info
   descriptors,
 - parse Ed25519 master keys in votes, and
 - parse Ed25519 and RSA-1024 identity digests in microdescriptors.

This patch is based on metrics-db's bridge descriptor sanitizer.

So far, we did not distinguish between relay and bridge descriptors in
the case of server descriptors and extra-info descriptors.  This works
just fine, because we tried hard to re-use existing keywords in relay
descriptors for sanitized contents in bridge descriptors to facilitate
parsing.

However, some applications process both relay and bridge descriptors
and need to add workarounds for distinguishing between the two.  For
example, they couldn't just read the contents of CollecTor's recent/
directory, because they wouldn't be able to know whether a
ServerDescriptor instance was published by a relay or bridge.  Or even
worse, if an application expects a given directory to contain relay
descriptors and that directory suddenly contains bridge descriptors,
that application wouldn't notice.

This change adds new interfaces to distinguish between relay and
bridge descriptors.  It still supports the existing two interfaces
that don't make this distinction.  Those two interfaces are not
deprecated, because it's okay if an application does not care whether
a descriptor was published by a relay or bridge.

This change is in parts based on a discussion with atagar.  Thanks!

Implements #17000.