Add the onDeviceOffBody API method to KeyStore

This is necessary for allowing the KeyStore to lock keys that remain
authorized as long as the device is on-body.

Bug 28911985

Change-Id: If50bc84d5a1cb23f9b01b1950c3676d1519cc4f5

core/java/android/security/IKeystoreService.aidl

@@ -76,4 +76,5 @@ interface IKeystoreService {
     int onUserAdded(int userId, int parentId);
     int onUserRemoved(int userId);
     int attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain);
+    int onDeviceOffBody();
 }

keystore/java/android/security/KeyStore.java

@@ -626,6 +626,16 @@ public class KeyStore {
         }
     }
 
+    /**
+     * Notify keystore that the device went off-body.
+     */
+    public void onDeviceOffBody() {
+        try {
+            mBinder.onDeviceOffBody();
+        } catch (RemoteException e) {
+            Log.w(TAG, "Cannot connect to keystore", e);
+        }
+    }
 
     /**
      * Returns a {@link KeyStoreException} corresponding to the provided keystore/keymaster error