[PM-2199] Implement userkey rotation for all TDE devices (#13576)

* Implement key rotation v2

* Pass through masterpassword hint

* Properly split old and new code

* Mark legacy rotation as deprecated

* Throw when data is null

* Cleanup

* Add tests

* Fix build

* Update libs/key-management/src/key.service.spec.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update apps/web/src/app/auth/settings/change-password.component.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add documentation

* Centralize loading logic

* Add proof-of-concept for tde rotation

* Fix build

* Only include trusted devices in rotation request

* Undo featureflag change

* Fix tests

* Prettier format

* Fix build

* Undo changes to migrate legacy component

* Address feedback & add tests

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

libs/common/src/auth/abstractions/devices-api.service.abstraction.ts

@@ -2,7 +2,6 @@
 // @ts-strict-ignore
 import { ListResponse } from "../../models/response/list.response";
 import { DeviceResponse } from "../abstractions/devices/responses/device.response";
-import { SecretVerificationRequest } from "../models/request/secret-verification.request";
 import { UpdateDevicesTrustRequest } from "../models/request/update-devices-trust.request";
 import { ProtectedDeviceResponse } from "../models/response/protected-device.response";
 
@@ -25,10 +24,7 @@ export abstract class DevicesApiServiceAbstraction {
     deviceIdentifier: string,
   ) => Promise<void>;
 
-  getDeviceKeys: (
-    deviceIdentifier: string,
-    secretVerificationRequest: SecretVerificationRequest,
-  ) => Promise<ProtectedDeviceResponse>;
+  getDeviceKeys: (deviceIdentifier: string) => Promise<ProtectedDeviceResponse>;
 
   /**
    * Notifies the server that the device has a device key, but didn't receive any associated decryption keys.