Clean up AuthenticationToken interface and add some doc

Formalize the interfaces to generate and recreate
AuthenticationToken (both directly and from escrow).
Add documentation to explain the purpose of
AuthenticationToken and how escrow should be used.

Bug: 63619579
Test: atest com.android.server.locksettings

Change-Id: Id4278151fcb5e4f540758f4c55e7ccd06bd28a10