WiP: Fix TPM DUK retries/vocabilary (again) and CapsLock warning

[tlaurion]

Addresses partly #1588 until proper CapsLock detection code is created.

TODO:

• [ ] Cleanup commit logs. This is raw at creation of PR: just works in Q4.1(lvm) and Q4.2(brtfs).
• [ ] Would love this to work out of the box to pass additional LUKS discovered LUKS devices, but as of now, Qubes asks for Disk Recovery Key if the whole setup chain for that additional device is not completed on OS side.
• [ ] So in current state, all LUKS discovered devices are part of "suggested" disks for user to select. This means that if those devices are setuped with different DRK, it will fail as well. TLDR: all DUK to be part of TPM DUK need to have the same DRK to be enrolled as TPM DUK and OS needs to have proper setup (/etc/crypptab+ dracut regen + grub regen).

Putting as draft upon creation. @UndeadDevel : comments can be added either in issue or here if you have code comments(here) or other requirements(in issue).

[tlaurion]

This contains WiP where #1595 will be more consensual for now. Leaving this one as draft and will rework when I have a fix for Capslock