[Identity] Refactor opaque_ke usage to dedicated file

Summary:
ServerRegistration operations need to be used by both register_user
and update_user. ServerLogin operations need to be used by register_user,
update_user, and login_user. May as well refactor this shared logic to
provide similar terminology in potential errors, and improve readability.

These map the potential opaque protocol errors to a corresponding gRPC status
error.

Part of https://linear.app/comm/issue/ENG-2763

Related https://linear.app/comm/issue/ENG-2733

Test Plan:
This is a refactor, and shouldn't affect the observable behavior of the
identity service. However, it will be fully tested in a later diff.

cd services/identity
cargo build

Reviewers: varun, bartek, max, ashoat

Reviewed By: varun

Subscribers: tomek, atul

Differential Revision: https://phab.comm.dev/D6925