Please review the fix at http://cr.openjdk.java.net/~weijun/8025124/webrev.00/
This is an interop fix. We used to determine if a NULL key should be used based on etype being new or old, now we just look at the etype inside the EncryptedData. If it's 0 then there is no need to decrypt it. Note that this is not a security issue because the whole KRB-CRED is encrypted anyway.
A new regression test added. Thanks Max
