Include length when using krb5_c_decrypt()
    
    For some enctypes, krb5_c_decrypt() will add padding bytes which are
    included in the returned length.  However, functions which use the
    objects we're storing aren't always prepared for that: in particular,
    gss_import_cred() will declare a token invalid if there's trailing
    garbage.
    
    Work around this by including 4 bytes of length on encrypted objects.
    
    Signed-off-by: Robbie Harwood <rharwood@redhat.com>