If kadmind returned bogus keys it means that the user lacks the
get-keys permission. Generate a warning and exit.
Also use calloc() to allocate the new_key_data.
Change-Id: I21b697e2ff5adf753b1cfe698877b3f593bbea9e
add_enctype() was not fetching the kvno of the principal it was
modifying, and it was not setting the kvno of the new keys (instead it
set it to 0). This worked fine before multi-kvno, but broke then. The
fix is to fetch the kvno and set the new keys' kvno to that.
I'm thinking of adding a new kadmin command to prune old kvnos by date
or kvno differential...
