Use RecoverySession object to hide session IDs

Session IDs are an implementation detail that the framework can (and should)
abstract away.

Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner

Change-Id: Ieba641a9b54ac9bba197a6e9749b621a07e40c67