Split Keystore's onLockScreenEvent into onDevice{Unlocked,Locked}

Currently Keystore is notified of the device being unlocked and locked
for each user via onLockScreenEvent(lockScreenEvent, userId, password,
unlockingSids), where lockScreenEvent is UNLOCK or LOCK.  This is a bit
confusing because the password parameter is only meaningful for UNLOCK,
and the unlockingSids parameter is only meaningful for LOCK.  This
problem will get worse when we add a parameter that tells Keystore
whether unlocking via a weak biometric or trust agent is possible, as
that will be another parameter that is only meaningful for LOCK.

Therefore, this CL splits onLockScreenEvent into two methods
onDeviceUnlocked and onDeviceLocked, each with the appropriate
parameters.  No actual change in behavior intended.  This change does
make TrustManagerService no longer call getBiometricSids() for unlocks,
so technically that is a slight difference; however, for UNLOCK events
Keystore ignored the SID list, so this just eliminates unnecessary work.

Bug: 296464083
Test: atest -p --include-subdirs system/security/keystore2 \
      && atest CtsKeystoreTestCases \
      && atest TrustTests \
      && atest com.android.server.locksettings
Flag: N/A, straightforward refactoring
Change-Id: Ibfaa22ba27d13248c9c4c69a4d2efb2231792c31