Inform the remote provisioner when a key may have been consumed

Every time we create a credential, contact the Provisioner app and tell
it that a key was generated. This may not strictly be true, but the
provisioner has heuristics to ensure that it only contacts the backend
if necessary. So, at most, we're spinning a few extra cycles whenever
a new credential is created (which is a rare occurence) to ensure that
we have RKP keys available for future requests.

Test: CtsIdentityTestCases
Fixes: 224771551
Change-Id: I6dd20635e6933842a95242e6d0cbfb9bf8c8f734