kadm5: kadmin modify must refuse bogus keys
kadmin should not permit a modify that stores invalid keys into the
database. Accepting bad key data into the database will result in
errors when those keys are eventually used.
This change does not address the general case. It does address the
specific case of the kadmin client attempting to store the magic
bogus key since that is trivial to check for and can be unintentionally
returned to kadmind by a 1.6rc2 or prior client. This can happen when
a user has get privilege but lacks the new get-keys privilege.
Change-Id: I44795e6428472b75ab1e4257ce7cb9160f0299f5