Move most remaining sha1() calls to HMAC

Summary:

• For context, see T547. This is the last (maybe?) in a series of diffs that

moves us off raw sha1() calls in order to make it easier to audit the codebase
for correct use of hash functions.

• This breaks CSRF tokens. Any open forms will generate an error when

submitted, so maybe upgrade off-peak.

• We now generate HMAC mail keys but accept MAC or HMAC. In a few months, we

can remove the MAC version.

• The only remaining callsite is Conduit. We can't use HMAC since Arcanist

would need to know the key. {T550} provides a better solution to this, anyway.

Test Plan:

• Verified CSRF tokens generate properly.
• Manually changed CSRF to an incorrect value and got an error.
• Verified mail generates with a new mail hash.
• Verified Phabricator accepts both old and new mail hashes.
• Verified Phabricator rejects bad mail hashes.
• Checked user log, things look OK.

Reviewers: btrahan, jungejason, benmathews

Reviewed By: btrahan

CC: aran, epriestley, btrahan

Maniphest Tasks: T547

Differential Revision: 1237