backupkey: Use ndr_pull_struct_blob_all()
This avoids bad decrypts from falling down to later code and getting
the error code wrong, by strictly requiring the NDR parse to use all the
data. A bad decyrpt is very unlikely to get the length correct, and
so fall down to the other checks.
This should fix:
UNEXPECTED(failure): samba4.rpc.backupkey with seal.backupkey.server_wrap_decrypt_wrong_r2(ad_dc_ntvfs)
REASON: Exception: Exception: ../source4/torture/rpc/backupkey.c:1926: r.out.result was WERR_INVALID_ACCESS, expected WERR_INVALID_PARAM: decrypt should fail with WERR_INVALID_PARAM
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11174
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan (metze) Metzmacher <metze@samba.org>
(cherry picked from commit
e617e3e74b7ea13bcf3ce385f3926e50e38dbe44)