Fix FRP credential overwritten before it is verified

When initializing the synthetic password of the user that will own the
FRP credential, don't clear the FRP credential if the device is not yet
provisioned.

In addition, prevent the Weaver slot used by the FRP credential from
being overwritten while the device is not yet provisioned.

This fixes commit 78e245a2 ("Give all users SP-based credentials").

Test: atest com.android.server.locksettings
Test: Manually tested FRP
Bug: 254378141
Change-Id: I55d916d43fc30e8c76c3d85a09fad14b7946b53d