[PM-5963] Fix tde offboarding vault corruption (#4144)

* Attempt to fix tde to mp flow

* Move tde offboarding to dedicated flag

* Add tde offboarding password request

* Validate tde offboarding input

* Correctly check whether tde is active when building trusted device options

* Refactor Tde offboarding into a separate command

* Add unit tests for tde offboarding

* Update tde offboarding request model

* Fix tests

* Fix further tests

* Fix documentation

* Add validation for updatetdepasswordasync key/newmasterpassword

* Add comment explaining test

* Remove unrelated changes

src/Core/Auth/Models/Api/Response/UserDecryptionOptions.cs

@@ -54,18 +54,21 @@ public class TrustedDeviceUserDecryptionOption
     public bool HasAdminApproval { get; }
     public bool HasLoginApprovingDevice { get; }
     public bool HasManageResetPasswordPermission { get; }
+    public bool IsTdeOffboarding { get; }
     public string? EncryptedPrivateKey { get; }
     public string? EncryptedUserKey { get; }
 
     public TrustedDeviceUserDecryptionOption(bool hasAdminApproval,
         bool hasLoginApprovingDevice,
         bool hasManageResetPasswordPermission,
+        bool isTdeOffboarding,
         string? encryptedPrivateKey,
         string? encryptedUserKey)
     {
         HasAdminApproval = hasAdminApproval;
         HasLoginApprovingDevice = hasLoginApprovingDevice;
         HasManageResetPasswordPermission = hasManageResetPasswordPermission;
+        IsTdeOffboarding = isTdeOffboarding;
         EncryptedPrivateKey = encryptedPrivateKey;
         EncryptedUserKey = encryptedUserKey;
     }