Update authentication when encrypted or lockout

Fingerprint authentication should not expose accept/reject/lockout
when the user is encrypted or locked out. This is possible with
IBiometricsFingerprint@2.1 since lockout is controlled by the framework.

IBiometricsFace@1.0 does not support this since lockout is controlled
in the HAL (or lower).

Bug: 79776455

Test: On fingerprint device, during encrypted or lockdown, any finger
      works, lockout never occurs
Test: BiometricPromptDemo, normal path is run (e.g. incorrect fingers
      are rejected)
Test: Test no effect on face device
Test: atest KeyguardUpdateMonitorTest

Change-Id: I9ded8efd80d4f8b92ce054262e721853703c6437
Merged-In: I6c9717d1f8ed3e844b3d92727396e2ce2e7fd94f
9 files changed