From 2397d3c8e8a72b8af3d029bd7c797cf8bb6566bd Mon Sep 17 00:00:00 2001 
From: Arjun Date: Fri, 11 Oct 2024 11:58:06 +0530 Subject: [PATCH] Add new OSS-Fuzz targets [ghudson@mit.edu: made minor style edits; edited commit message] bigredbutton: whitespace --- .gitignore | 8 + src/tests/fuzzing/Makefile.in | 61 +++++- src/tests/fuzzing/deps | 102 ++++++++++ src/tests/fuzzing/fuzz_aes.c | 104 ++++++++++ .../fuzzing/fuzz_aes_seed_corpus/input.bin | 1 + src/tests/fuzzing/fuzz_asn.c | 188 ++++++++++++++++++ .../decode_authenticator_3.bin | Bin 0 -> 165 bytes .../decode_authenticator_4.bin | Bin 0 -> 168 bytes .../decode_authenticator_6.bin | 2 + .../decode_enc_tkt_part_30.bin | Bin 0 -> 167 bytes .../decode_encryption_key_15.bin | 2 + .../decode_encryption_key_21.bin | 2 + .../decode_encryption_key_22.bin | Bin 0 -> 20 bytes .../decode_encryption_key_24.bin | 2 + .../decode_fail_encryption_key_16.bin | Bin 0 -> 21 bytes .../encode_auth_pack_80.bin | 4 + .../fuzz_asn_seed_corpus/encode_cammac_68.bin | 1 + .../fuzz_asn_seed_corpus/encode_cammac_69.bin | 3 + .../encode_enc_data_47.bin | Bin 0 -> 40 bytes .../encode_kdc_dh_key_info_81.bin | Bin 0 -> 39 bytes .../encode_kkdcp_message_67.bin | Bin 0 -> 512 bytes .../encode_krb5_ad_kdcissued_54.bin | 1 + .../encode_krb5_ap_rep_enc_part_16.bin | 1 + .../encode_krb5_ap_req_14.bin | Bin 0 -> 53 bytes .../encode_krb5_as_rep_10.bin | Bin 0 -> 197 bytes .../encode_krb5_as_req_19.bin | Bin 0 -> 107 bytes .../encode_krb5_authdata_36.bin | 1 + .../encode_krb5_authenticator_2.bin | 1 + .../encode_krb5_cred_31.bin | Bin 0 -> 249 bytes .../encode_krb5_enc_cred_part_32.bin | Bin 0 -> 551 bytes .../encode_krb5_enc_cred_part_33.bin | Bin 0 -> 274 bytes .../encode_krb5_enc_kdc_rep_part_8.bin | Bin 0 -> 181 bytes .../encode_krb5_enc_priv_part_29.bin | Bin 0 -> 81 bytes .../encode_krb5_enc_priv_part_30.bin | Bin 0 -> 33 bytes .../encode_krb5_enc_tkt_part_5.bin | Bin 0 -> 280 bytes .../encode_krb5_enc_tkt_part_7.bin | Bin 0 -> 274 bytes .../encode_krb5_error_34.bin | 3 + .../encode_krb5_error_35.bin | 1 + 
.../encode_krb5_etype_info2_43.bin | Bin 0 -> 83 bytes .../encode_krb5_etype_info2_44.bin | Bin 0 -> 34 bytes .../encode_krb5_etype_info_40.bin | Bin 0 -> 53 bytes .../encode_krb5_etype_info_41.bin | Bin 0 -> 24 bytes .../encode_krb5_fast_response_57.bin | 2 + .../encode_krb5_iakerb_finished_56.bin | 1 + .../encode_krb5_iakerb_header_55.bin | 3 + .../encode_krb5_kdc_req_body_24.bin | Bin 0 -> 258 bytes .../encode_krb5_tgs_rep_13.bin | Bin 0 -> 160 bytes .../encode_krb5_tgs_req_23.bin | Bin 0 -> 426 bytes .../encode_otp_tokeninfo_61.bin | Bin 0 -> 116 bytes .../encode_pa_enc_ts (no usec)_45.bin | 1 + .../encode_pa_for_user_53.bin | 2 + .../encode_pa_fx_fast_reply_59.bin | Bin 0 -> 43 bytes .../encode_pa_otp_challenge_63.bin | Bin 0 -> 168 bytes .../encode_pa_otp_req_64.bin | Bin 0 -> 46 bytes .../encode_pa_otp_req_65.bin | Bin 0 -> 188 bytes .../encode_pa_pk_as_rep_78.bin | 3 + .../encode_pa_pk_as_rep_79.bin | 1 + .../encode_pa_s4u_x509_user_54.bin | Bin 0 -> 106 bytes .../encode_pa_spake_73.bin | 2 + .../encode_pa_spake_74.bin | 1 + .../encode_pa_spake_75.bin | Bin 0 -> 54 bytes .../encode_pa_spake_76.bin | Bin 0 -> 39 bytes .../encode_padata_sequence_38.bin | Bin 0 -> 2 bytes .../fuzz_asn_seed_corpus/encode_priv_28.bin | Bin 0 -> 53 bytes .../encode_reply_key_pack_82.bin | 2 + .../fuzz_asn_seed_corpus/encode_safe_26.bin | Bin 0 -> 112 bytes .../fuzz_asn_seed_corpus/encode_safe_27.bin | Bin 0 -> 64 bytes .../encode_sam_challenge_2_49.bin | 1 + .../encode_sam_challenge_2_body_50.bin | Bin 0 -> 102 bytes .../encode_sam_response_2_51.bin | Bin 0 -> 68 bytes .../encode_secure_cookie_70.bin | 1 + .../encode_sp80056a_other_info_83.bin | 2 + .../encode_spake_factor_71.bin | 1 + .../encode_tgs_rep_11.bin | Bin 0 -> 237 bytes .../encode_tgs_rep_12.bin | Bin 0 -> 197 bytes .../encode_tgs_req_20.bin | Bin 0 -> 488 bytes .../encode_tgs_req_21.bin | Bin 0 -> 280 bytes .../fuzz_asn_seed_corpus/encode_ticket_3.bin | Bin 0 -> 94 bytes src/tests/fuzzing/fuzz_attrset.c | 68 +++++++ 
.../fuzz_attrset_seed_corpus/t_attrset.bin | 2 + src/tests/fuzzing/fuzz_crypto.c | 171 ++++++++++++++++ .../fuzzing/fuzz_crypto_seed_corpus/input.bin | 1 + src/tests/fuzzing/fuzz_des.c | 109 ++++++++++ .../fuzzing/fuzz_des_seed_corpus/input.bin | 1 + src/tests/fuzzing/fuzz_kdc.c | 72 +++++++ .../fuzzing/fuzz_kdc_seed_corpus/input.bin | 1 + src/tests/fuzzing/fuzz_krb.c | 170 ++++++++++++++++ .../fuzzing/fuzz_krb_seed_corpus/deltat.bin | 1 + .../fuzz_krb_seed_corpus/enctype_1.bin | 1 + .../fuzz_krb_seed_corpus/enctype_2.bin | 1 + .../fuzz_krb_seed_corpus/enctype_3.bin | 1 + .../fuzz_krb_seed_corpus/enctype_4.bin | 1 + .../fuzz_krb_seed_corpus/enctype_5.bin | 1 + .../fuzz_krb_seed_corpus/enctype_6.bin | 1 + .../fuzz_krb_seed_corpus/enctype_7.bin | 1 + .../fuzz_krb_seed_corpus/host_string_11.bin | 1 + .../fuzz_krb_seed_corpus/host_string_12.bin | 1 + .../fuzz_krb_seed_corpus/host_string_2.bin | 1 + .../fuzz_krb_seed_corpus/host_string_4.bin | 1 + .../fuzz_krb_seed_corpus/host_string_5.bin | 1 + .../fuzz_krb_seed_corpus/host_string_8.bin | 1 + .../fuzz_krb_seed_corpus/host_string_9.bin | 1 + .../fuzz_krb_seed_corpus/parse_name.bin | 1 + .../principal_425_name.bin | 1 + src/tests/fuzzing/fuzz_oid.c | 65 ++++++ .../fuzzing/fuzz_oid_seed_corpus/oid_19.bin | 1 + .../fuzzing/fuzz_oid_seed_corpus/oid_20.bin | Bin 0 -> 2 bytes .../fuzzing/fuzz_oid_seed_corpus/oid_21.bin | Bin 0 -> 3 bytes .../fuzzing/fuzz_oid_seed_corpus/oid_22.bin | Bin 0 -> 2 bytes .../fuzzing/fuzz_oid_seed_corpus/oid_24.bin | Bin 0 -> 4 bytes .../fuzzing/fuzz_oid_seed_corpus/oid_8.bin | 1 + src/tests/fuzzing/oss-fuzz.sh | 7 +- 112 files changed, 1189 insertions(+), 8 deletions(-) create mode 100644 src/tests/fuzzing/fuzz_aes.c create mode 100644 src/tests/fuzzing/fuzz_aes_seed_corpus/input.bin create mode 100644 src/tests/fuzzing/fuzz_asn.c create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_3.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_4.bin 
create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_6.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_enc_tkt_part_30.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_15.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_21.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_22.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_24.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/decode_fail_encryption_key_16.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_auth_pack_80.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_68.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_69.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_enc_data_47.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kdc_dh_key_info_81.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kkdcp_message_67.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ad_kdcissued_54.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_rep_enc_part_16.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_req_14.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_rep_10.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_req_19.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authdata_36.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authenticator_2.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_cred_31.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_32.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_33.bin create mode 100644 
src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_kdc_rep_part_8.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_29.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_30.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_5.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_7.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_34.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_35.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_43.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_44.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_40.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_41.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_fast_response_57.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_finished_56.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_header_55.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_kdc_req_body_24.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_rep_13.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_req_23.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_otp_tokeninfo_61.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_enc_ts (no usec)_45.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_for_user_53.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_fx_fast_reply_59.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_challenge_63.bin create mode 100644 
src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_64.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_65.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_78.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_79.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_s4u_x509_user_54.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_73.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_74.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_75.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_76.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_padata_sequence_38.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_priv_28.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_reply_key_pack_82.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_26.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_27.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_49.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_body_50.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_response_2_51.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_secure_cookie_70.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sp80056a_other_info_83.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_spake_factor_71.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_11.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_12.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_20.bin create mode 100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_21.bin create mode 
100644 src/tests/fuzzing/fuzz_asn_seed_corpus/encode_ticket_3.bin create mode 100644 src/tests/fuzzing/fuzz_attrset.c create mode 100644 src/tests/fuzzing/fuzz_attrset_seed_corpus/t_attrset.bin create mode 100644 src/tests/fuzzing/fuzz_crypto.c create mode 100644 src/tests/fuzzing/fuzz_crypto_seed_corpus/input.bin create mode 100644 src/tests/fuzzing/fuzz_des.c create mode 100644 src/tests/fuzzing/fuzz_des_seed_corpus/input.bin create mode 100644 src/tests/fuzzing/fuzz_kdc.c create mode 100644 src/tests/fuzzing/fuzz_kdc_seed_corpus/input.bin create mode 100644 src/tests/fuzzing/fuzz_krb.c create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/deltat.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_1.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_2.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_3.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_4.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_5.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_6.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_7.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_11.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_12.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_2.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_4.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_5.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_8.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_9.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/parse_name.bin create mode 100644 src/tests/fuzzing/fuzz_krb_seed_corpus/principal_425_name.bin create mode 100644 src/tests/fuzzing/fuzz_oid.c create mode 100644 src/tests/fuzzing/fuzz_oid_seed_corpus/oid_19.bin create mode 100644 
src/tests/fuzzing/fuzz_oid_seed_corpus/oid_20.bin create mode 100644 src/tests/fuzzing/fuzz_oid_seed_corpus/oid_21.bin create mode 100644 src/tests/fuzzing/fuzz_oid_seed_corpus/oid_22.bin create mode 100644 src/tests/fuzzing/fuzz_oid_seed_corpus/oid_24.bin create mode 100644 src/tests/fuzzing/fuzz_oid_seed_corpus/oid_8.bin diff --git a/.gitignore b/.gitignore index 90bfa0e206..a7a217a6f3 100644 --- a/.gitignore +++ b/.gitignore @@ -433,14 +433,22 @@ local.properties /src/tests/create/kdb5_mkdums +/src/tests/fuzzing/fuzz_aes +/src/tests/fuzzing/fuzz_asn +/src/tests/fuzzing/fuzz_attrset /src/tests/fuzzing/fuzz_chpw +/src/tests/fuzzing/fuzz_crypto +/src/tests/fuzzing/fuzz_des /src/tests/fuzzing/fuzz_gss /src/tests/fuzzing/fuzz_json +/src/tests/fuzzing/fuzz_kdc /src/tests/fuzzing/fuzz_krad +/src/tests/fuzzing/fuzz_krb /src/tests/fuzzing/fuzz_krb5_ticket /src/tests/fuzzing/fuzz_marshal_cred /src/tests/fuzzing/fuzz_marshal_princ /src/tests/fuzzing/fuzz_ndr +/src/tests/fuzzing/fuzz_oid /src/tests/fuzzing/fuzz_pac /src/tests/fuzzing/fuzz_profile /src/tests/fuzzing/fuzz_util diff --git a/src/tests/fuzzing/Makefile.in b/src/tests/fuzzing/Makefile.in index 2ab3108b16..15bbbbf1a8 100644 --- a/src/tests/fuzzing/Makefile.in +++ b/src/tests/fuzzing/Makefile.in 
@@ -1,44 +1,71 @@ mydir=tests$(S)fuzzing BUILDTOP=$(REL)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../../lib/krb5/ccache -I$(srcdir)/../../kdc \ - -I$(srcdir)/../../util/profile -I$(srcdir)/../../util/support - -OBJS = \ +LOCALINCLUDES= \ + -I$(srcdir)/../../lib/crypto/krb -I$(srcdir)/../../lib/krad \ + -I$(srcdir)/../../lib/crypto/builtin/des -I$(srcdir)/../../kdc \ + -I$(srcdir)/../../lib/krb5/ccache -I$(srcdir)/../../util/profile \ + -I$(srcdir)/../../util/support + +OBJS= \ + fuzz_aes.o \ + fuzz_asn.o \ + fuzz_attrset.o \ fuzz_chpw.o \ + fuzz_crypto.o \ + fuzz_des.o \ fuzz_gss.o \ fuzz_json.o \ + fuzz_kdc.o \ fuzz_krad.o \ + fuzz_krb.o \ fuzz_krb5_ticket.o \ fuzz_marshal_cred.o \ fuzz_marshal_princ.o \ fuzz_ndr.o \ + fuzz_oid.o \ fuzz_pac.o \ fuzz_profile.o \ fuzz_util.o -SRCS = \ +SRCS= \ + $(srcdir)/fuzz_aes.c \ + $(srcdir)/fuzz_asn.c \ + $(srcdir)/fuzz_attrset.c \ $(srcdir)/fuzz_chpw.c \ + $(srcdir)/fuzz_crypto.c \ + $(srcdir)/fuzz_des.c \ $(srcdir)/fuzz_gss.c \ $(srcdir)/fuzz_json.c \ + $(srcdir)/fuzz_kdc.c \ $(srcdir)/fuzz_krad.c \ + $(srcdir)/fuzz_krb.c \ $(srcdir)/fuzz_krb5_ticket.c \ $(srcdir)/fuzz_marshal_cred.c \ $(srcdir)/fuzz_marshal_princ.c \ $(srcdir)/fuzz_ndr.c \ + $(srcdir)/fuzz_oid.c \ $(srcdir)/fuzz_pac.c \ $(srcdir)/fuzz_profile.c \ $(srcdir)/fuzz_util.c FUZZ_TARGETS= \ + fuzz_aes \ + fuzz_asn \ + fuzz_attrset \ fuzz_chpw \ + fuzz_crypto \ + fuzz_des \ fuzz_gss \ fuzz_json \ + fuzz_kdc \ fuzz_krad \ + fuzz_krb \ fuzz_krb5_ticket \ fuzz_marshal_cred \ fuzz_marshal_princ \ fuzz_ndr \ + fuzz_oid \ fuzz_pac \ fuzz_profile \ fuzz_util 
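Review bot: The new `-I$(srcdir)/../../lib/crypto/builtin/des` entry in LOCALINCLUDES ties fuzz_des to the builtin DES implementation rather than to whichever crypto backend the tree was configured with; the deps hunk lists `$(srcdir)/../../lib/crypto/builtin/des/f_cbc.c` as an input of fuzz_des.o, which suggests the harness compiles that source directly. That is reasonable for a target aimed at the builtin code, but nothing in this Makefile records it, and a tree built with another backend will still compile and link those sources. A comment above LOCALINCLUDES such as `# fuzz_des builds against the builtin DES sources directly, independent of the configured crypto backend.` would make the dependency explicit. The rest of the hunk is list maintenance for the new targets.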
@@ -48,18 +75,39 @@ all: $(FUZZ_TARGETS) # OSS-Fuzz requires fuzz targets to be linked with the C++ linker, # even if they are written in C. +fuzz_aes: fuzz_aes.o $(KRB5_BASE_DEPLIBS) + $(CXX_LINK) -o $@ fuzz_aes.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) + +fuzz_asn: fuzz_asn.o $(KRB5_BASE_DEPLIBS) + $(CXX_LINK) -o $@ fuzz_asn.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) + +fuzz_attrset: fuzz_attrset.o $(KRB5_BASE_DEPLIBS) + $(CXX_LINK) -o $@ fuzz_attrset.o -lkrad $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) + fuzz_chpw: fuzz_chpw.o $(KRB5_BASE_DEPLIBS) $(CXX_LINK) -o $@ fuzz_chpw.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) +fuzz_crypto: fuzz_crypto.o $(KRB5_BASE_DEPLIBS) + $(CXX_LINK) -o $@ fuzz_crypto.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) + +fuzz_des: fuzz_des.o $(KRB5_BASE_DEPLIBS) + $(CXX_LINK) -o $@ fuzz_des.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) + fuzz_gss: fuzz_gss.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(CXX_LINK) -o $@ fuzz_gss.o $(GSS_LIBS) $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) fuzz_json: fuzz_json.o $(KRB5_BASE_DEPLIBS) $(CXX_LINK) -o $@ fuzz_json.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) +fuzz_kdc: fuzz_kdc.o $(KRB5_BASE_DEPLIBS) + $(CXX_LINK) -o $@ fuzz_kdc.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) + fuzz_krad: fuzz_krad.o $(KRB5_BASE_DEPLIBS) $(CXX_LINK) -o $@ fuzz_krad.o -lkrad $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) +fuzz_krb: fuzz_krb.o $(KRB5_BASE_DEPLIBS) + $(CXX_LINK) -o $@ fuzz_krb.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) + fuzz_krb5_ticket: fuzz_krb5_ticket.o $(KRB5_BASE_DEPLIBS) $(CXX_LINK) -o $@ fuzz_krb5_ticket.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) @@ -72,6 +120,9 @@ fuzz_marshal_princ: fuzz_marshal_princ.o $(KRB5_BASE_DEPLIBS) fuzz_ndr: fuzz_ndr.o $(KRB5_BASE_DEPLIBS) $(CXX_LINK) -o $@ fuzz_ndr.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) +fuzz_oid: fuzz_oid.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS) + $(CXX_LINK) -o $@ fuzz_oid.o $(GSS_LIBS) $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) + fuzz_pac: fuzz_pac.o $(KRB5_BASE_DEPLIBS) $(CXX_LINK) -o $@ fuzz_pac.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS) 
diff --git a/src/tests/fuzzing/deps b/src/tests/fuzzing/deps
index 507645a48e..fbd77e8ea9 100644
--- a/src/tests/fuzzing/deps
+++ b/src/tests/fuzzing/deps
@@ -1,6 +1,40 @@ # # Generated makefile dependencies follow. # +$(OUTPRE)fuzz_aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../lib/crypto/krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_aes.c +$(OUTPRE)fuzz_asn.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-spake.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_asn.c +$(OUTPRE)fuzz_attrset.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \ + $(srcdir)/../../lib/krad/internal.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + 
$(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krad.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_attrset.c $(OUTPRE)fuzz_chpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ 
@@ -11,6 +45,29 @@ $(OUTPRE)fuzz_chpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h fuzz_chpw.c +$(OUTPRE)fuzz_crypto.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../lib/crypto/krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_crypto.c +$(OUTPRE)fuzz_des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../lib/crypto/builtin/des/des_int.h \ + $(srcdir)/../../lib/crypto/builtin/des/f_cbc.c $(srcdir)/../../lib/crypto/builtin/des/f_tables.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_des.c $(OUTPRE)fuzz_gss.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h 
$(BUILDTOP)/include/krb5/krb5.h \ $(COM_ERR_DEPS) $(top_srcdir)/include/gssapi.h $(top_srcdir)/include/krb5.h \ 
@@ -26,6 +83,28 @@ $(OUTPRE)fuzz_json.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ fuzz_json.c +$(OUTPRE)fuzz_kdc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \ + $(srcdir)/../../kdc/extern.h $(srcdir)/../../kdc/kdc_util.h \ + $(srcdir)/../../kdc/realm_data.h $(srcdir)/../../kdc/replay.c \ + $(srcdir)/../../kdc/reqstate.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-hashtab.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-queue.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/kdcpreauth_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/net-server.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_kdc.c $(OUTPRE)fuzz_krad.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \ 
@@ -37,6 +116,17 @@ $(OUTPRE)fuzz_krad.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h fuzz_krad.c +$(OUTPRE)fuzz_krb.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-base64.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-hex.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fuzz_krb.c $(OUTPRE)fuzz_krb5_ticket.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ 
@@ -90,6 +180,18 @@ $(OUTPRE)fuzz_ndr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5/kdcpreauth_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/net-server.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h fuzz_ndr.c +$(OUTPRE)fuzz_oid.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ + $(BUILDTOP)/include/gssapi/gssapi_krb5.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_oid.c $(OUTPRE)fuzz_pac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ diff --git a/src/tests/fuzzing/fuzz_aes.c b/src/tests/fuzzing/fuzz_aes.c new file mode 100644 index 0000000000..ea4d8492ba --- /dev/null +++ b/src/tests/fuzzing/fuzz_aes.c 
@@ -0,0 +1,104 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_aes.c - fuzzing harness for AES encryption/decryption */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "autoconf.h"
+#include
+#include
+
+#define kMinInputLength 48
+#define kMaxInputLength 512
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static void
+fuzz_aes(const uint8_t *data, size_t size, size_t key_size, krb5_enctype etype)
+{
+ krb5_error_code ret;
+ krb5_keyblock keyblock;
+ krb5_crypto_iov iov;
+ krb5_key key = NULL;
+ char *aeskey = NULL, *data_in = NULL;
+ char encivbuf[16] = { 0 }, decivbuf[16] = { 0 };
+ krb5_data enciv = make_data(encivbuf, 16), deciv = make_data(decivbuf, 16);
+
+ aeskey = k5memdup(data, key_size, &ret);
+ if (ret)
+ return;
+
+ data_in = k5memdup(data + key_size, size - key_size, &ret);
+ if (ret)
+ goto cleanup;
+
+ keyblock.contents = (krb5_octet *)aeskey;
+ keyblock.length = key_size;
+ keyblock.enctype = etype;
+
+ ret = krb5_k_create_key(NULL, &keyblock, &key);
+ if (ret)
+ goto cleanup;
+
+ iov.flags = KRB5_CRYPTO_TYPE_DATA;
+ iov.data = make_data(data_in, size - key_size);
+
+ /* iov.data.data is input and output buffer */
+ ret = krb5int_aes_encrypt(key, &enciv, &iov, 1);
+ if (ret)
+ goto cleanup;
+
+ ret = krb5int_aes_decrypt(key, &deciv, &iov, 1);
+ if (ret)
+ goto cleanup;
+
+ /* Check that decryption result matches original plaintext. */
+ ret = memcmp(data_in, data + key_size, size - key_size);
+ if (ret)
+ abort();
+
+ (void)krb5int_aes_decrypt(key, &deciv, &iov, 1);
+
+cleanup:
+ free(aeskey);
+ free(data_in);
+ krb5_k_free_key(NULL, key);
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ fuzz_aes(data, size, 16, ENCTYPE_AES128_CTS_HMAC_SHA1_96);
+ fuzz_aes(data, size, 16, ENCTYPE_AES256_CTS_HMAC_SHA1_96);
+ fuzz_aes(data, size, 32, ENCTYPE_AES128_CTS_HMAC_SHA1_96);
+ fuzz_aes(data, size, 32, ENCTYPE_AES256_CTS_HMAC_SHA1_96);
+
+ return 0;
+}
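Review bot: Two of the four fuzz_aes calls at the end of LLVMFuzzerTestOneInput pair a key length with the other enctype's size (a 16-byte key with ENCTYPE_AES256_CTS_HMAC_SHA1_96, a 32-byte key with ENCTYPE_AES128_CTS_HMAC_SHA1_96), and the hunk gives no hint whether that is a deliberate probe of a key-size check in krb5_k_create_key or is simply redundant because krb5int_aes_encrypt keys the cipher from keyblock.length; a comment above those calls stating which it is, e.g. `/* Mismatched key/enctype pairs: feed the provider a key length the enctype does not expect. */`, would settle it. The trailing `(void)krb5int_aes_decrypt(key, &deciv, &iov, 1);` runs the decrypt path over the recovered plaintext, i.e. over bytes that are not ciphertext; without a comment such as `/* Also decrypt arbitrary (non-ciphertext) input to exercise that path. */` it reads like a leftover. Minor: `ret = memcmp(...)` stores a plain comparison result in a krb5_error_code; `if (memcmp(data_in, data + key_size, size - key_size) != 0) abort();` says the same thing without the type mismatch.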
diff --git a/src/tests/fuzzing/fuzz_aes_seed_corpus/input.bin b/src/tests/fuzzing/fuzz_aes_seed_corpus/input.bin
new file mode 100644
index 0000000000..5e4c069476
--- /dev/null
+++ b/src/tests/fuzzing/fuzz_aes_seed_corpus/input.bin
@@ -0,0 +1 @@
+I would like the General Gau's Chicken, please, and wonton soup.
\ No newline at end of file
diff --git a/src/tests/fuzzing/fuzz_asn.c b/src/tests/fuzzing/fuzz_asn.c
new file mode 100644
index 0000000000..be3fdb71de
--- /dev/null
+++ b/src/tests/fuzzing/fuzz_asn.c
@@ -0,0 +1,188 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_asn.c - fuzzing harness for ASN.1 encoding/decoding */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "autoconf.h" +#include + +#define kMinInputLength 2 +#define kMaxInputLength 2048 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static void +free_cred_enc_part_whole(krb5_context ctx, krb5_cred_enc_part *val) +{ + krb5_free_cred_enc_part(ctx, val); + free(val); +} + +static void +free_kkdcp_message(krb5_context context, krb5_kkdcp_message *val) +{ + if (val == NULL) + return; + free(val->kerb_message.data); + free(val->target_domain.data); + free(val); +} + +#define FUZZ_ASAN(type, encoder, decoder, freefn) do { \ + type *v; \ + krb5_data *data_out = NULL; \ + \ + if ((*decoder)(&data_in, &v) != 0) \ + break; \ + \ + (*encoder)(v, &data_out); \ + krb5_free_data(context, data_out); \ + (*freefn)(context, v); \ + } while (0) + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_context context; + krb5_data data_in; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + if (krb5_init_context(&context)) + return 0; + + data_in = make_data((void *)data, size); + + /* Adapted from krb5_decode_leak.c */ + FUZZ_ASAN(krb5_authenticator, encode_krb5_authenticator, + decode_krb5_authenticator, krb5_free_authenticator); + FUZZ_ASAN(krb5_ticket, encode_krb5_ticket, decode_krb5_ticket, + krb5_free_ticket); + FUZZ_ASAN(krb5_keyblock, encode_krb5_encryption_key, + decode_krb5_encryption_key, krb5_free_keyblock); + FUZZ_ASAN(krb5_enc_tkt_part, encode_krb5_enc_tkt_part, + decode_krb5_enc_tkt_part, krb5_free_enc_tkt_part); + FUZZ_ASAN(krb5_enc_kdc_rep_part, encode_krb5_enc_kdc_rep_part, + decode_krb5_enc_kdc_rep_part, krb5_free_enc_kdc_rep_part); + FUZZ_ASAN(krb5_kdc_rep, encode_krb5_as_rep, decode_krb5_as_rep, + krb5_free_kdc_rep); + FUZZ_ASAN(krb5_kdc_rep, encode_krb5_tgs_rep, decode_krb5_tgs_rep, + krb5_free_kdc_rep); + FUZZ_ASAN(krb5_ap_req, encode_krb5_ap_req, decode_krb5_ap_req, + krb5_free_ap_req); + FUZZ_ASAN(krb5_ap_rep, encode_krb5_ap_rep, decode_krb5_ap_rep, + krb5_free_ap_rep); + 
FUZZ_ASAN(krb5_ap_rep_enc_part, encode_krb5_ap_rep_enc_part, + decode_krb5_ap_rep_enc_part, krb5_free_ap_rep_enc_part); + FUZZ_ASAN(krb5_kdc_req, encode_krb5_as_req, decode_krb5_as_req, + krb5_free_kdc_req); + FUZZ_ASAN(krb5_kdc_req, encode_krb5_tgs_req, decode_krb5_tgs_req, + krb5_free_kdc_req); + FUZZ_ASAN(krb5_kdc_req, encode_krb5_kdc_req_body, decode_krb5_kdc_req_body, + krb5_free_kdc_req); + FUZZ_ASAN(krb5_safe, encode_krb5_safe, decode_krb5_safe, krb5_free_safe); + FUZZ_ASAN(krb5_priv, encode_krb5_priv, decode_krb5_priv, krb5_free_priv); + FUZZ_ASAN(krb5_priv_enc_part, encode_krb5_enc_priv_part, + decode_krb5_enc_priv_part, krb5_free_priv_enc_part); + FUZZ_ASAN(krb5_cred, encode_krb5_cred, decode_krb5_cred, krb5_free_cred); + FUZZ_ASAN(krb5_cred_enc_part, encode_krb5_enc_cred_part, + decode_krb5_enc_cred_part, free_cred_enc_part_whole); + FUZZ_ASAN(krb5_error, encode_krb5_error, decode_krb5_error, + krb5_free_error); + FUZZ_ASAN(krb5_authdata *, encode_krb5_authdata, decode_krb5_authdata, + krb5_free_authdata); + FUZZ_ASAN(krb5_pa_data *, encode_krb5_padata_sequence, + decode_krb5_padata_sequence, krb5_free_pa_data); + FUZZ_ASAN(krb5_pa_data *, encode_krb5_typed_data, + decode_krb5_typed_data, krb5_free_pa_data); + FUZZ_ASAN(krb5_etype_info_entry *, encode_krb5_etype_info, + decode_krb5_etype_info, krb5_free_etype_info); + FUZZ_ASAN(krb5_etype_info_entry *, encode_krb5_etype_info2, + decode_krb5_etype_info2, krb5_free_etype_info); + FUZZ_ASAN(krb5_pa_enc_ts, encode_krb5_pa_enc_ts, decode_krb5_pa_enc_ts, + krb5_free_pa_enc_ts); + FUZZ_ASAN(krb5_enc_data, encode_krb5_enc_data, decode_krb5_enc_data, + krb5_free_enc_data); + FUZZ_ASAN(krb5_sam_challenge_2, encode_krb5_sam_challenge_2, + decode_krb5_sam_challenge_2, krb5_free_sam_challenge_2); + FUZZ_ASAN(krb5_sam_challenge_2_body, encode_krb5_sam_challenge_2_body, + decode_krb5_sam_challenge_2_body, + krb5_free_sam_challenge_2_body); + FUZZ_ASAN(krb5_sam_response_2, encode_krb5_sam_response_2, + 
decode_krb5_sam_response_2, krb5_free_sam_response_2); + FUZZ_ASAN(krb5_enc_sam_response_enc_2, encode_krb5_enc_sam_response_enc_2, + decode_krb5_enc_sam_response_enc_2, + krb5_free_enc_sam_response_enc_2); + FUZZ_ASAN(krb5_pa_for_user, encode_krb5_pa_for_user, + decode_krb5_pa_for_user, krb5_free_pa_for_user); + FUZZ_ASAN(krb5_pa_s4u_x509_user, encode_krb5_pa_s4u_x509_user, + decode_krb5_pa_s4u_x509_user, krb5_free_pa_s4u_x509_user); + FUZZ_ASAN(krb5_ad_kdcissued, encode_krb5_ad_kdcissued, + decode_krb5_ad_kdcissued, krb5_free_ad_kdcissued); + FUZZ_ASAN(krb5_iakerb_header, encode_krb5_iakerb_header, + decode_krb5_iakerb_header, krb5_free_iakerb_header); + FUZZ_ASAN(krb5_iakerb_finished, encode_krb5_iakerb_finished, + decode_krb5_iakerb_finished, krb5_free_iakerb_finished); + FUZZ_ASAN(krb5_fast_response, encode_krb5_fast_response, + decode_krb5_fast_response, krb5_free_fast_response); + FUZZ_ASAN(krb5_enc_data, encode_krb5_pa_fx_fast_reply, + decode_krb5_pa_fx_fast_reply, krb5_free_enc_data); + + /* Adapted from krb5_encode_test.c */ + FUZZ_ASAN(krb5_otp_tokeninfo, encode_krb5_otp_tokeninfo, + decode_krb5_otp_tokeninfo, k5_free_otp_tokeninfo); + FUZZ_ASAN(krb5_pa_otp_challenge, encode_krb5_pa_otp_challenge, + decode_krb5_pa_otp_challenge, k5_free_pa_otp_challenge); + FUZZ_ASAN(krb5_pa_otp_req, encode_krb5_pa_otp_req, decode_krb5_pa_otp_req, + k5_free_pa_otp_req); + FUZZ_ASAN(krb5_data, encode_krb5_pa_otp_enc_req, + decode_krb5_pa_otp_enc_req, krb5_free_data); + FUZZ_ASAN(krb5_kkdcp_message, encode_krb5_kkdcp_message, + decode_krb5_kkdcp_message, free_kkdcp_message); + FUZZ_ASAN(krb5_cammac, encode_krb5_cammac, decode_krb5_cammac, + k5_free_cammac); + FUZZ_ASAN(krb5_secure_cookie, encode_krb5_secure_cookie, + decode_krb5_secure_cookie, k5_free_secure_cookie); + FUZZ_ASAN(krb5_spake_factor, encode_krb5_spake_factor, + decode_krb5_spake_factor, k5_free_spake_factor); + FUZZ_ASAN(krb5_pa_spake, encode_krb5_pa_spake, decode_krb5_pa_spake, + k5_free_pa_spake); + + /* 
Adapted from krb5_decode_test.c */ + { + krb5_pa_pac_req *pa_pac_req = NULL; + + if (decode_krb5_pa_pac_req(&data_in, &pa_pac_req) == 0) + free(pa_pac_req); + } + + krb5_free_context(context); + return 0; +} diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_3.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_3.bin new file mode 100644 index 0000000000000000000000000000000000000000..26c78993edb1d4e45e8d9e4aea6bb95fb25761e8 GIT binary patch literal 165 zc-l*9Tx8HVe*rTSBkMu|X+Fmg4_7}&JzvidJy(~|MN$S5ASuR$f(HE3Y#C`K#fh2H ztf>_xMTv{~4R|4PY%DB>M#d&fSecj^A2}=)l;AhCv@|g=Gc+(TGcYzZk6I>dAP7;) m#litnYHDU~v7Cj8iQ)eW6$2#$euyLo3tL)#eo|r)h5!IKuqT25 literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_4.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_4.bin new file mode 100644 index 0000000000000000000000000000000000000000..6add5a8412c33995ec07a2410f7718fbd9af2cf7 GIT binary patch literal 168 zc-l*9Tx!s`XaO@5BkMu|X+Fmg4_7}&JzvidJy(~|MN$S5ASuR$f(HE3Y#C`K#fh2H ztf>_xMTv{~4R|4PY%DB>M#d&fSecj^A2}=)l;AhCv@|g=Gc+(TGcYzZk6I>dAP7;) o#litnYHDU~v7DWWmEk`StWYsfGT?{EbFi?b<>x0Q7GVeg01xmgivR!s literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_6.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_6.bin new file mode 100644 index 0000000000..dc2f08684e --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_6.bin @@ -0,0 +1,2 @@ +b¤0¡ ¡ATHENA.MIT.EDU¢0 ¡0hftsaiextra£0  ¡1234¤â@¥19940610060317Z¦0 ¡ +12345678§ÿÿÿÿ¨$0"0 ¡foobar0 ¡foobar \ No newline at end of file 
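Review bot: The `FUZZ_ASAN` macro that drives every decode/encode pair in this hunk has no comment stating its contract, and its use of `break` inside the `do { } while (0)` reads as a loop exit rather than "skip this type" to anyone who has not seen the krb5_decode_leak.c original. I would add above the `#define`: `/* Decode data_in as TYPE; a decode failure is expected and just skips the type. On success re-encode and free both values so ASan/LSan catch leaks and misuse. */`. The encoder's return status is also discarded; that is harmless for leak detection only while every encoder leaves `*data_out` NULL on failure (which I believe the generated encoders do), so a short note such as `/* encoder status ignored: data_out stays NULL on error */` next to the `krb5_free_data` call would make that assumption explicit. The same macro idiom presumably recurs in the other new harnesses, so one comment here serves them all.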
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_enc_tkt_part_30.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_enc_tkt_part_30.bin new file mode 100644 index 0000000000000000000000000000000000000000..727a70f7db1f42c9b5a3bd811ac8c0b314aa4433 GIT binary patch literal 167 zc-l*DTw>6;Z~+@L3&X!VyA}!?2rgh|Vq{#%#lm4|WNcz;W^S=aK$_1n#KYCkQP0;i zM9YEAIKaX=U~01f)f0OmX;<4W`+g^W(LNF=26Qrg#f&vDr*1$ literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_15.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_15.bin new file mode 100644 index 0000000000..842a99d1b7 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_15.bin @@ -0,0 +1,2 @@ +0 ¡ +12345678¢0  \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_21.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_21.bin new file mode 100644 index 0000000000..ae4a8aa5d2 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_21.bin @@ -0,0 +1,2 @@ +0 ÿ¡ +12345678 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_22.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_22.bin new file mode 100644 index 0000000000000000000000000000000000000000..4bbedc1a50e4d9f814640ee11e4e4c1abc985bc5 GIT binary patch literal 20 bc-k`%TEN1@#PEM17Ym1>k+F%XnYjf3ErA3@ literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_24.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_24.bin new file mode 100644 index 0000000000..c9ad2a5dc0 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_24.bin @@ -0,0 +1,2 @@ +0 ÿÿÿ¡ +12345678 \ No newline at end of file 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_fail_encryption_key_16.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_fail_encryption_key_16.bin new file mode 100644 index 0000000000000000000000000000000000000000..2b8b75383855375ffd8e3751d168198fdf288f99 GIT binary patch literal 21 cc-k{)SisE0$heS;g~QOu*u>P#+=77t04}rxvj6}9 literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_auth_pack_80.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_auth_pack_80.bin new file mode 100644 index 0000000000..ff246345f6 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_auth_pack_80.bin @@ -0,0 +1,4 @@ +0… 503 â@¡19940610060317Z¢*£1234¤ +krb5data¡pvalue¢$0"0 *†H†÷params0  *†H†÷£ +krb5data¤00   +krb5data \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_68.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_68.bin new file mode 100644 index 0000000000..cbd0fd3cb2 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_68.bin @@ -0,0 +1 @@ +0 00  ¡ad1 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_69.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_69.bin new file mode 100644 index 0000000000..522634af28 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_69.bin @@ -0,0 +1,3 @@ +0ò 00  ¡ad10  ¡ad2¡=0; 0 ¡0hftsaiextra¡¢£0 ¡ +cksumkdc¢=0; 0 ¡0hftsaiextra¡¢£0 ¡ +cksumsvc£R0P0£0 ¡cksum109 0 ¡0hftsaiextra¡¢£0 ¡cksum2 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_enc_data_47.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_enc_data_47.bin new file mode 100644 index 0000000000000000000000000000000000000000..2cec584d9f4de3b057680aa580618c642f74c68a GIT binary patch literal 40 vc-k{iTfof3$gq%&iRC{71H&S57SZgYB*$PsJwt_()Z!9_+|=UY#Pn1EyGIJ( literal 0 Hc-jL100001 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kdc_dh_key_info_81.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kdc_dh_key_info_81.bin new file mode 100644 index 0000000000000000000000000000000000000000..a3427389f37ed288aae520cbe249ff5b06fbf759 GIT binary patch literal 39 uc-k{iUBJ!E$&g)?WSWv#lDLqWiBW5jpaj36rKO31nW2G!nSrsPc@zM-TL|v} literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kkdcp_message_67.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kkdcp_message_67.bin new file mode 100644 index 0000000000000000000000000000000000000000..5c52c94176bbf50b7456e189cec8a2862ef0de27 GIT binary patch literal 512 zc-k{)V*In9iSZ3f6XT1lCdMZQO^go~GBYuu;;LsDTyVC zm?BG>7*_#xE?dCP%*ycZ&aN2?r3@q%02MJV6g1$MX3Iz`DNf9kW=*XqDN0-$W1LS sPE1c--MHVNaZh55K@>p~3QEW+cP#l+b`ThkYENpk=tOhGXR07^)O&Hw-a literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ad_kdcissued_54.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ad_kdcissued_54.bin new file mode 100644 index 0000000000..973cd47bfd --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ad_kdcissued_54.bin @@ -0,0 +1 @@ +0e 0  ¡1234¡ATHENA.MIT.EDU¢0 ¡0hftsaiextra£$0"0 ¡foobar0 ¡foobar \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_rep_enc_part_16.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_rep_enc_part_16.bin new file mode 100644 index 0000000000..3a7dcd135f --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_rep_enc_part_16.bin @@ -0,0 +1 @@ +{0 19940610060317Z¡â@ \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_req_14.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_req_14.bin new file mode 100644 index 0000000000000000000000000000000000000000..1e1861dd72a57c4f2d396c64a9656110d5ee9d6c GIT binary patch literal 53 zc-qT1HZWYk%*4pL5J>PZQZ-Np@fbin)4sl~;K>8SuK CHw_2? literal 0 Hc-jL100001 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_rep_10.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_rep_10.bin new file mode 100644 index 0000000000000000000000000000000000000000..6cb6811438de78ca6478b27ab96493073f0a945b GIT binary patch literal 197 zc-qTuJY>+ge*rTSBkMvS!M#{On$I!B!`07G&(||V&($S#iIjl^NS<+_paH)$TSi(* zabl)4YidPFQR33L#2AAph;9sxi|}Y%tZJYPl4Af_%DPCLMKrr8$uZbZ&rqQxwYWqf OH?_DpF+Ft|amoNUk2M|u literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_req_19.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_req_19.bin new file mode 100644 index 0000000000000000000000000000000000000000..63f41f884c1afeff480fe28b13144c9bbe121378 GIT binary patch literal 107 zc-qU#G)P~_%*4pL2uN@(i8hE_z|PFd@bAv935x`z`5Z$$T>TvNd_6<-TwOvJOBqNk z0IFkLC}_Yh&6bf?QktJZd>msn!Y(12!f` H2B0PY6C)ZQ literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authdata_36.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authdata_36.bin new file mode 100644 index 0000000000..ff84a122e0 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authdata_36.bin @@ -0,0 +1 @@ +0"0 ¡foobar0 ¡foobar \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authenticator_2.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authenticator_2.bin new file mode 100644 index 0000000000..7eb31e6e23 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authenticator_2.bin @@ -0,0 +1 @@ +bO0M ¡ATHENA.MIT.EDU¢0 ¡0hftsaiextra¤â@¥19940610060317Z \ No newline at end of file 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_cred_31.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_cred_31.bin new file mode 100644 index 0000000000000000000000000000000000000000..33f21c8627c1cf72e440b4a3ad97d8fabfd19167 GIT binary patch literal 249 zc-kv#{ASSjc>yyMBkMvSA-1S-zd_@k#2AAph?syhpJRxJtDmEuuV;v!t4ru2DFX?R z6yric1Ab|?jI@&C#7t?{)QXa##Ko!x${;xgkWs9Q#92hMi;^6J{qzhKN>YnU6mnCG NixbmRX=^%>$^gGkM0WrH literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_32.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_32.bin new file mode 100644 index 0000000000000000000000000000000000000000..968faa53ee2e3a2755c74626c1e8112dbcb4b1df GIT binary patch literal 551 zc-pINVp29}Vv=9b#CXe~iSe32C)vm>C!wnnx|g6k3KUv>a1t1%?w=;&H+%1p_$)UXU!)LN*o_p$iPk=-iRx)rCNg X)*?)M7PB%jGd^-y!jGnYDY^gvKc|B= literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_33.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_33.bin new file mode 100644 index 0000000000000000000000000000000000000000..e7d4d821db34f3389bd8a750300173a0d9bc7fc5 GIT binary patch literal 274 zc-pINV&pSuV&q!T#K;DunG8f12pb44U}j=uT*$@3VQ6G*Vrph?VbJ&jtN20zX+Fmg z4_7}&JzvidJy(~|MN$S55M_b}{L*Y0X(h#pnbNGO6(vQ9i`ki38UEebHDigO1izuB zrHO%=p@D&!fw7@^)KW~LWtc+CF@;uOIAJ9oC#+I1kTc)~$uccuV_^}xz@UuA1pvSi BKq3GD literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_kdc_rep_part_8.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_kdc_rep_part_8.bin new file mode 100644 index 0000000000000000000000000000000000000000..3184156386405cae8a73fc72dbdd0a9206f3f5cf GIT binary patch literal 181 zc-pIK++@(Weu1!o-~whQM#hC)EF6YL#wMm_<`xUh3``6pK*GNl3QF)BT3VVIm>C)v zm>C!wnn&T5Sp*cva}4ot^>fto^$gK-bqQT11+jr~ Xp`Zc3G+RbmNpWJPG;3-_Nl_vI&Fn0b literal 0 Hc-jL100001 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_29.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_29.bin new file mode 100644 index 0000000000000000000000000000000000000000..9e2574c1c9321366346fa02ee8241648fe7f1d2a GIT binary patch literal 81 zc-pJ+H}GA+#ln$Ylw_KcSdzFtJZcdu6Eou@hsDfHjDkz} W4R{v-8B7b=SXhKEFeooY7XSb=Z4xm6 literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_30.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_30.bin new file mode 100644 index 0000000000000000000000000000000000000000..3c6f5d549c60bf6c7787cccb72ad7bfb369c0990 GIT binary patch literal 33 oc-pIxH;`Sx#ln$Ylw_KcSdzGe-+*@kGZQ1zLN*o_p$iPk0Fz}0`2YX_ literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_5.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_5.bin new file mode 100644 index 0000000000000000000000000000000000000000..5f74aeb23dbf2dc2ea6308b7a1946aaef6e993d2 GIT binary patch literal 280 zc-l*DViYlGViZ`w&dkd2@6N6n3xy2?7cet1GA`s|;V?8ZHZe6bw^$?~&F2{6;p*q8 z=j$1w=jsx=Sjs>GqD;_$Uz#l=t)w_HQ<^okqNFHsiJpNDL{61O8K_nVq(=v;Unkr# z*u&G$J;dJ+WR8w=u-;NZ34TLMOA`Y#Ljwad17kz;sAZT!%Q1ykU<$2NFpx9g1=-HD hkd1{!=mLW>8h4e7fsz3~#C;qrY-#!VNr^=m0sveKL4^PS literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_7.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_7.bin new file mode 100644 index 0000000000000000000000000000000000000000..a674aadb77ac1db255b0d7616fb65ea57eafa275 GIT binary patch literal 274 zc-pIKV&pSuV&qyNY#_LRnTe5cAr}jWp^>qPshPROLNfys0|}7u?}dUA{Dzj6CI)7P z1_ovZ#)jrmxMdar#kCe=iZ5YjW@Y$yXV;9Sm~zW7g_dIqt-usoDIm?~7~_xMTx5w4CD-WL9$E>*;rVFE-)ygaRFwP BJ}m$M literal 0 Hc-jL100001 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_34.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_34.bin new file mode 100644 index 0000000000..439eb171ce --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_34.bin @@ -0,0 +1,3 @@ +~º0· ¡¢19940610060317Z£â@¤19940610060317Z¥â@¦<§ATHENA.MIT.EDU¨0 ¡0hftsaiextra©ATHENA.MIT.EDUª0 ¡0hftsaiextra« +krb5data¬ +krb5data \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_35.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_35.bin new file mode 100644 index 0000000000..588e77546a --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_35.bin @@ -0,0 +1 @@ +~`0^ ¡£â@¤19940610060317Z¥â@¦<©ATHENA.MIT.EDUª0 ¡0hftsaiextra \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_43.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_43.bin new file mode 100644 index 0000000000000000000000000000000000000000..c1bacbb8596aaa6c53981cae9f5775addf15eabc GIT binary patch literal 83 zc-k`vG>}`s%*4pBkXM@9H@~PPKTo|_LD^st2Mb%VQMQ$WfdM~Ao)Io!2+_cVs=){@ GZv+4r8WRBk literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_44.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_44.bin new file mode 100644 index 0000000000000000000000000000000000000000..14f1ad05f376cc991b2ab6677dc79985c52917b5 GIT binary patch literal 34 pc-k{iFpyio%*4pBkXM@9H@~PPKTo|_LD^st2Mb%VQMQ$W0RV*?2lD^` literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_40.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_40.bin new file mode 100644 index 0000000000000000000000000000000000000000..c34f5bc03b23699f68ea454ef7a9b89767a24b7d GIT binary patch literal 53 qc-k{CHV|3B%*4pBke7wqH@~PPKTo|_LD|576(q_Ckz_)ZGy(uFvL literal 0 Hc-jL100001 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_41.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_41.bin new file mode 100644 index 0000000000000000000000000000000000000000..5672958b5ca6f0ffeea4b2a2df03b2156bc3320c GIT binary patch literal 24 fc-k`%GZ0z8%*4pBke7wqH@~PPKTo|_LD>KRJZc4c literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_fast_response_57.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_fast_response_57.bin new file mode 100644 index 0000000000..e4ff58a7f5 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_fast_response_57.bin @@ -0,0 +1,2 @@ +0Ÿ &0$0¡ ¢ pa-data0¡ ¢ pa-data¡0 ¡ +12345678¢[0Y 19940610060317Z¡â@¢ATHENA.MIT.EDU£0 ¡0hftsaiextra¤0  ¡1234£* \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_finished_56.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_finished_56.bin new file mode 100644 index 0000000000..1ef561f501 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_finished_56.bin @@ -0,0 +1 @@ +0¡0  ¡1234 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_header_55.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_header_55.bin new file mode 100644 index 0000000000..9d70978294 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_header_55.bin @@ -0,0 +1,3 @@ +0¡ + krb5data¢ +krb5data \ No newline at end of file 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_kdc_req_body_24.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_kdc_req_body_24.bin new file mode 100644 index 0000000000000000000000000000000000000000..1f274fa96923cd87cf1a390d28b594c36bf31825 GIT binary patch literal 258 zc-k{){J(&mnU&$+on12)2}tufhIqL8IqLa(hUmGvgf117;5W3iG%+wUG%zqTFg7%g zTF%VGsI`K_fQ^Zffr*iEb>n`6#yyEK22l%u608d`j94UPAOVtMTqtP3FU^*bR#Kdp yDb1Q%QBst+Sk*uoB*(B2q<4`xi)eOHl4G!+o}ofXYH^7|ZfbFHVtOiVO$Pw$7DVU( literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_rep_13.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_rep_13.bin new file mode 100644 index 0000000000000000000000000000000000000000..b46dd44b06666a1d3ae7e186210c8ee3609eea16 GIT binary patch literal 160 zc-qTroNLfHYXLJ8BkMvS!MBK=nU&$+on12)$0f!XL_s73r1=~}JY4-8^?W@;^juv+ z7fBgNfTS1~3L5ZBvt^`}6eng%v!+&*6eTWJHBbi0F@VftT_nyTnq8FS80@EKs8Etx RT%wShT3no%p1OoMWdHy*EPwz2 literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_req_23.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_req_23.bin new file mode 100644 index 0000000000000000000000000000000000000000..e925ec4d70357f8961e7caec3890670ec65a3ca5 GIT binary patch literal 426 zc-k{)VqCU>otc&4-<@3(7D^dNEMR70WLzj{z%R{~kycWim?_PgT2WGzxJW>n&oRWq z)z4AS*E2-V)g^Q>9@R?(CHM_3Elmu}3=Is-42%uUqn2U{EyEOA4m40}1&09}6C(rA z=#>fvat6F0TbLHIv9JhTU{FTmu2MBn1_>}M1QM)^#92hMi;^6J{qzhKN>YnU6mnCG jixbmRS2ylAXxx(+V-N*W%(@W6H;eH2W-)Pg(AIPSC46j& literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_otp_tokeninfo_61.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_otp_tokeninfo_61.bin new file mode 100644 index 0000000000000000000000000000000000000000..61a1d1dfb0cfba6eed57e021a8031df4655f17a9 GIT binary patch literal 116 zc-k{4YG7q3XJBAxZ literal 0 Hc-jL100001 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_challenge_63.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_challenge_63.bin new file mode 100644 index 0000000000000000000000000000000000000000..119997b0088d18cb427a4a39a5af08dda15f2153 GIT binary patch literal 168 zc-k{)T-v~qn^=*TpO>84$X$|JTvD7`RF;{Xx~SHGy@8bh1PqFRjB+5Ok=wN*F}ENm zH95bipoujju_#-ynUSl7k*SrlGQYH_BtJVfuT7)0D9==SGm}&Y6Z4B^cA)a& N#GH~A7DFRr697iiG}{0G literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_64.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_64.bin new file mode 100644 index 0000000000000000000000000000000000000000..b5b27f372cbc6d0d9df1db2080e008a4ce34c156 GIT binary patch literal 46 xc-k}2X<%glfkny-n3)(E76J*@MdB=?*+of?!G3y%3MHw7vNO=J>6C=YyAi=swoJBOdD9JI{PtQ=HB(=CiAvd+S zI59nSF*h4$LYoI;Dl-ccV+#}Wi&oaOqWtvYHm=;tw9KO7l7h^KdqQu-{tBTwl mtGr^X?9|GFqWm(eg5vCCtBm}Tf?jUdip1Q4oYds}q5=ShZai@S literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_78.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_78.bin new file mode 100644 index 0000000000..52bff24122 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_78.bin @@ -0,0 +1,3 @@ + (0&€krb5data¡ +krb5data¢0   +krb5data \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_79.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_79.bin new file mode 100644 index 0000000000..35d75453df --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_79.bin @@ -0,0 +1 @@ +krb5data \ No newline at end of file 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_s4u_x509_user_54.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_s4u_x509_user_54.bin new file mode 100644 index 0000000000000000000000000000000000000000..595a37cde091dd06ffce5fc3c3f637959da7fb56 GIT binary patch literal 106 zc-k|_SP*Iuynu~~h2fOQtc6kr5(}7_7#SA|8t_ZAWu%o9CuT~srdE^`B`y+>=5q}3 zaP@Q4^YskTb9D(_EW{#EkQiTVQW{@jYG4^(TAW(6gq@j{p@D&cVIjW(FT^M|78XMz GV-o-nU>i&T literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_73.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_73.bin new file mode 100644 index 0000000000..d394484aad --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_73.bin @@ -0,0 +1,2 @@ +  0 + 0 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_74.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_74.bin new file mode 100644 index 0000000000..d2e4cb2a41 --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_74.bin @@ -0,0 +1 @@ +¡-0+ ¡ T value¢00 0 ¡fdata \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_75.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_75.bin new file mode 100644 index 0000000000000000000000000000000000000000..51dcdc0ad82d7e357d9a166b52022eee651e906d GIT binary patch literal 54 zc-mWJVqmm@lZ8E4p)4_{Gf${=oCPs#ZK!SCVIE!d@QIcb@pPr#YNosM4LT+kt IabkKZ0Ehbz9{>OV literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_76.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_76.bin new file mode 100644 index 0000000000000000000000000000000000000000..1b9a8f86155e8126844e474d9fef1f483cbbce85 GIT binary patch literal 39 tc-mX6YM{J;nTe5MA&_8QB+eq5U6kY)?5Ag_P?B0)qL74sl~;K>8SuM Cj13h4 literal 0 Hc-jL100001 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_reply_key_pack_82.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_reply_key_pack_82.bin new file mode 100644 index 0000000000..8657c7c56c --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_reply_key_pack_82.bin @@ -0,0 +1,2 @@ +0& 0 ¡ +12345678¡0  ¡1234 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_26.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_26.bin new file mode 100644 index 0000000000000000000000000000000000000000..71f6ab3cba88e9aa0b8b30865e3337d653665d6b GIT binary patch literal 112 zc-kw;Gss!M%*4pL5J-qD@;C5Zz{SFmU6f>+l30?sP*8&3(9+Vxz|7FVz|6qd&^&4p rD-$#0BZtL6<$_E24R}GCnHI9Kun1jXP+p2Iuox=92of+fGByDK&Se-% literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_27.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_27.bin new file mode 100644 index 0000000000000000000000000000000000000000..736c6f0b3826f2ed90d3b89b37e8899dc0fbbc9e GIT binary patch literal 64 zc-kwmGq72}%*4pL5J-qDk~ffDz{SFmU6f>+l30?sgx`P{B+ImrjfF+%0)z5mr~o5K Jz|hFp1OV4|4YB|L literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_49.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_49.bin new file mode 100644 index 0000000000..62942bd8ac --- /dev/null +++ b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_49.bin @@ -0,0 +1 @@ +0"  0  challenge¡00  ¡1234 \ No newline at end of file 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_body_50.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_body_50.bin new file mode 100644 index 0000000000000000000000000000000000000000..dd624bb4a99a1f28daba08baa517a3e1bf655e13 GIT binary patch literal 102 zc-k{aS-{N1sI`!tnU$e|fq`KWHw$M;WkIS!USe+Q5}F&F2{6;p*q8=j$1w z=jsx=M9M${WDes(K?8niwv4or;>1j8*3^oUqQs?fi7^II5L+-bF2bX6v8sVGNR9zy jKkFiK7SZgYB*$PsJwt_()Z!9_+|=UY#Prl<#3=&+z{x)n literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_12.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_12.bin new file mode 100644 index 0000000000000000000000000000000000000000..cd2ac5415520fc50b427def04fb7f8f307ce5569 GIT binary patch literal 197 zc-qTtJY>+ge*rTSBkMvS!Mj*Mn$I!B!`07G&(||V&($S#iIjl^NS<+_paH)$TSi(* zabl)4YidPFQR33L#2AAph;9sxi|}Y%tZJYPl4Af_%DPCLMKrr8$uZbZ&rqQxwYWqf OH?_DpF+Ft|amoNXg*74o literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_20.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_20.bin new file mode 100644 index 0000000000000000000000000000000000000000..b56f57d514ae3c0df51cacac3ed7677cf29e44b9 GIT binary patch literal 488 zc-qTpVtiuI#Q0z#GZQ20A|S!DSj|AiKmf$&UBt=4UXZApl30?6DYB%AaTQSKvIXqS ztPKC|?3%Dp%0OZPP!Z!oK?8niwv4or;>1j8*3^oUqQpf4(tM5~9^ zi}9#lA}GOcXlZF;U}k7wU}j)!Xdbl`Q)n5c&~l)GS}QmV*q9g@fJU!WFpx9g1=+&1 zkd1{!=mLW>8h4edfig&d0pfpg7SZgYB*$PsJwt_()Z!9_+|=UY#PrnFjr$E6_aw#` WM1d5uF2wN7B0RoXOq?CGH5~vKH+;bW literal 0 Hc-jL100001 
diff --git a/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_21.bin b/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_21.bin new file mode 100644 index 0000000000000000000000000000000000000000..eb8a40ff78a1e49c65e42962952f4ff6fcbab5e8 GIT binary patch literal 280 zc-qTpViYlGViZ`&%*4pL2uScOX<}qDX#Br`otc&4-<@4E770l6Ifi(+`Z?n`6#yyEK22l$@<}SoA zVv&@A1W1Z;p`Zc3G+RbmNpWJPG;3-_Nm1frRRd*^90SBn;w+-sMM;jqetL!qC8@ +#include + +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_context context; + krad_attrset *set; + krb5_data data_in; + uint8_t buffer[KRAD_PACKET_SIZE_MAX], auth[MD5_DIGEST_SIZE] = { 0 }; + size_t encode_len; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + data_in = make_data((void *)data, size); + + ret = krb5_init_context(&context); + if (ret) + return 0; + + ret = kr_attrset_decode(context, &data_in, "f", auth, &set); + if (!ret) + kr_attrset_encode(set, "f", auth, FALSE, buffer, &encode_len); + + krad_attrset_free(set); + krb5_free_context(context); + + return 0; +} diff --git a/src/tests/fuzzing/fuzz_attrset_seed_corpus/t_attrset.bin b/src/tests/fuzzing/fuzz_attrset_seed_corpus/t_attrset.bin new file mode 100644 index 0000000000..aceceefa7a --- /dev/null +++ b/src/tests/fuzzing/fuzz_attrset_seed_corpus/t_attrset.bin @@ -0,0 +1,2 @@ + +testUserXÿÚ7ùäÊ®I·mX' \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_crypto.c b/src/tests/fuzzing/fuzz_crypto.c new file mode 100644 index 0000000000..2bd52e6297 --- /dev/null +++ b/src/tests/fuzzing/fuzz_crypto.c 
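Review bot: In the fuzz_attrset.c hunk, `krad_attrset *set;` is declared without an initializer, yet `krad_attrset_free(set);` runs unconditionally after `kr_attrset_decode` regardless of its result. If the decoder does not assign `*set` on its error paths (I believe it only stores the result on success), a malformed input makes the harness free an indeterminate pointer, which would show up as a spurious crash rather than a finding in the code under test. The one-line fix is `krad_attrset *set = NULL;`, relying on `krad_attrset_free` accepting NULL; alternatively move the free under the `if (!ret)` branch. The file and hunk header for this harness are garbled into the preceding binary patch on this page, so I am reading the body only.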
@@ -0,0 +1,171 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_crypto.c - fuzzing harness for general crypto */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "autoconf.h" +#include +#include + +#define kMinInputLength 2 +#define kMaxInputLength 512 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static void +fuzz_checksum(krb5_cksumtype sumtype, krb5_keyblock keyblock, + krb5_keyusage usage, krb5_data data) +{ + krb5_error_code ret; + krb5_checksum cksum; + krb5_boolean valid; + + ret = krb5_c_make_checksum(NULL, sumtype, &keyblock, usage, &data, &cksum); + if (ret) + return; + + ret = krb5_c_verify_checksum(NULL, &keyblock, usage, &data, &cksum, + &valid); + if (ret || !valid) + abort(); + + krb5_free_checksum_contents(NULL, &cksum); +} + +static void +fuzz_crypt(krb5_keyblock keyblock, krb5_enctype enctype, + krb5_keyusage usage, krb5_data data) +{ + krb5_error_code ret; + krb5_enc_data encoded = { 0 }; + krb5_data decoded = empty_data(); + size_t enclen; + + ret = krb5_c_encrypt_length(NULL, enctype, data.length, &enclen); + if (ret) + return; + + encoded.magic = KV5M_ENC_DATA; + encoded.enctype = enctype; + + ret = alloc_data(&encoded.ciphertext, enclen); + if (ret) + return; + + ret = alloc_data(&decoded, data.length); + if (ret) { + krb5_free_data_contents(NULL, &encoded.ciphertext); + return; + } + + ret = krb5_c_encrypt(NULL, &keyblock, usage, NULL, &data, &encoded); + if (ret) + goto cleanup; + + ret = krb5_c_decrypt(NULL, &keyblock, usage, NULL, &encoded, &decoded); + if (ret) + goto cleanup; + + if (memcmp(data.data, decoded.data, data.length) != 0) + abort(); + +cleanup: + krb5_free_data_contents(NULL, &encoded.ciphertext); + krb5_free_data_contents(NULL, &decoded); +} + +static void +fuzz_prf(krb5_keyblock keyblock, krb5_enctype enctype, krb5_data data) +{ + krb5_error_code ret; + krb5_data output; + size_t prfsz; + + ret = krb5_c_prf_length(NULL, enctype, &prfsz); + if (ret) + return; + + ret = alloc_data(&output, prfsz); + if (ret) + return; + + krb5_c_prf(NULL, &keyblock, &data, &output); + + krb5_free_data_contents(NULL, &output); +} + +static void 
+fuzz_setup(krb5_enctype enctype, krb5_cksumtype sumtype, + krb5_keyusage usage, krb5_data data) +{ + krb5_error_code ret; + krb5_keyblock keyblock; + + ret = krb5_c_make_random_key(NULL, enctype, &keyblock); + if (ret) + return; + + fuzz_checksum(sumtype, keyblock, usage, data); + fuzz_crypt(keyblock, enctype, usage, data); + fuzz_prf(keyblock, enctype, data); + + krb5_free_keyblock_contents(NULL, &keyblock); +} + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_data data_in; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + data_in = make_data((void *)data, size); + + fuzz_setup(ENCTYPE_DES3_CBC_SHA1, CKSUMTYPE_HMAC_SHA1_DES3, 0, data_in); + fuzz_setup(ENCTYPE_ARCFOUR_HMAC, CKSUMTYPE_MD5_HMAC_ARCFOUR, 1, data_in); + fuzz_setup(ENCTYPE_ARCFOUR_HMAC, CKSUMTYPE_HMAC_MD5_ARCFOUR, 2, data_in); + fuzz_setup(ENCTYPE_ARCFOUR_HMAC_EXP, CKSUMTYPE_RSA_MD4, 3, data_in); + fuzz_setup(ENCTYPE_ARCFOUR_HMAC_EXP, CKSUMTYPE_RSA_MD5, 4, data_in); + fuzz_setup(ENCTYPE_ARCFOUR_HMAC_EXP, CKSUMTYPE_SHA1, 5, data_in); + fuzz_setup(ENCTYPE_AES128_CTS_HMAC_SHA1_96, CKSUMTYPE_HMAC_SHA1_96_AES128, + 6, data_in); + fuzz_setup(ENCTYPE_AES256_CTS_HMAC_SHA1_96, CKSUMTYPE_HMAC_SHA1_96_AES256, + 7, data_in); + fuzz_setup(ENCTYPE_CAMELLIA128_CTS_CMAC, CKSUMTYPE_CMAC_CAMELLIA128, + 8, data_in); + fuzz_setup(ENCTYPE_CAMELLIA256_CTS_CMAC, CKSUMTYPE_CMAC_CAMELLIA256, + 9, data_in); + fuzz_setup(ENCTYPE_AES128_CTS_HMAC_SHA256_128, + CKSUMTYPE_HMAC_SHA256_128_AES128, 10, data_in); + fuzz_setup(ENCTYPE_AES256_CTS_HMAC_SHA384_192, + CKSUMTYPE_HMAC_SHA384_192_AES256, 11, data_in); + + return 0; +} diff --git a/src/tests/fuzzing/fuzz_crypto_seed_corpus/input.bin b/src/tests/fuzzing/fuzz_crypto_seed_corpus/input.bin new file mode 100644 index 0000000000..13f3fcbe05 --- /dev/null +++ b/src/tests/fuzzing/fuzz_crypto_seed_corpus/input.bin @@ -0,0 +1 @@ +brrr \ No newline at end of file 
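Review bot: fuzz_setup() draws a fresh key from krb5_c_make_random_key() on every call, so two runs of the same input use different keys and a crash the fuzzer finds may not reproduce from its saved test case; a harness should be a deterministic function of its input. Deriving the key from fixed material keeps the same coverage, e.g. `krb5_data pw = string2data("fuzz"), salt = string2data("salt");` followed by `ret = krb5_c_string_to_key(NULL, enctype, &pw, &salt, &keyblock);` (string2data is presumed to come from the same internal header that supplies make_data/alloc_data here — the include names are not visible in this view, confirm). A smaller point in fuzz_prf(): the return value of krb5_c_prf() is discarded, while fuzz_checksum() and fuzz_crypt() abort() on an inconsistency; if the PRF is expected to succeed for every enctype listed in LLVMFuzzerTestOneInput, `if (krb5_c_prf(NULL, &keyblock, &data, &output) != 0) abort();` turns a regression into a finding instead of silence.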
diff --git a/src/tests/fuzzing/fuzz_des.c b/src/tests/fuzzing/fuzz_des.c new file mode 100644 index 0000000000..08efb38b29 --- /dev/null +++ b/src/tests/fuzzing/fuzz_des.c 
@@ -0,0 +1,109 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_des.c - fuzzing harness for DES functions */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "autoconf.h" +#include +#include + +#include + +#define kMinInputLength 32 +#define kMaxInputLength 128 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +uint8_t default_ivec[8] = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF }; + +static void +fuzz_des(uint8_t *input, mit_des_key_schedule sched) +{ + uint8_t encrypt[8], decrypt[8]; + + mit_des_cbc_encrypt((const mit_des_cblock *)input, + (mit_des_cblock *)encrypt, 8, + sched, default_ivec, MIT_DES_ENCRYPT); + + mit_des_cbc_encrypt((const mit_des_cblock *)encrypt, + (mit_des_cblock *)decrypt, 8, + sched, default_ivec, MIT_DES_DECRYPT); + + if (memcmp(input, decrypt, 8) != 0) + abort(); +} + +static void +fuzz_decrypt(uint8_t *input, mit_des_key_schedule sched) +{ + uint8_t output[8]; + + mit_des_cbc_encrypt((const mit_des_cblock *)input, + (mit_des_cblock *)output, 8, + sched, default_ivec, MIT_DES_DECRYPT); +} + +static void +fuzz_cksum(uint8_t *input, mit_des_key_schedule sched) +{ + uint8_t output[8]; + + mit_des_cbc_cksum(input, output, 8, sched, default_ivec); +} + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + mit_des_key_schedule sched; + uint8_t *data_in, input[8]; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + memcpy(input, data, 8); + ret = mit_des_key_sched(input, sched); + if (ret) + return 0; + + memcpy(input, data + 8, 8); + fuzz_des(input, sched); + + memcpy(input, data + 16, 8); + fuzz_decrypt(input, sched); + + data_in = k5memdup(data + 24, size - 24, &ret); + if (ret) + return 0; + + fuzz_cksum(data_in, sched); + free(data_in); + + return 0; +} diff --git a/src/tests/fuzzing/fuzz_des_seed_corpus/input.bin b/src/tests/fuzzing/fuzz_des_seed_corpus/input.bin new file mode 100644 index 0000000000..6607c59ab3 --- /dev/null +++ b/src/tests/fuzzing/fuzz_des_seed_corpus/input.bin @@ -0,0 +1 @@ +brrrrrrrrrrrrrrrrrrrrrrrrrrrrrr \ No newline at end of file 
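Review bot: fuzz_cksum() passes a hard-coded length of 8 to mit_des_cbc_cksum(), so of the `size - 24` bytes that LLVMFuzzerTestOneInput copies into data_in with k5memdup() only the first eight are ever checksummed and the multi-block path is never exercised; the copy is also unnecessary since `data + 24` is already readable for that length. Thread the real length through, e.g. `fuzz_cksum(uint8_t *input, size_t len, mit_des_key_schedule sched)` and `mit_des_cbc_cksum(input, output, len, sched, default_ivec);` called with `size - 24` (if the implementation requires whole 8-byte blocks, round down with `& ~(size_t)7` — confirm against f_cksum). A second coverage concern is the early return when mit_des_key_sched() rejects the key: if that rejection includes bad parity, most random inputs — including the seed `brrrrrrr…`, whose 'r' bytes (0x72) have an even bit count — never reach the encrypt/decrypt code, and fixing parity on the copied key first (mit_des_fixup_key_parity(), if available in this build) would avoid that.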
diff --git a/src/tests/fuzzing/fuzz_kdc.c b/src/tests/fuzzing/fuzz_kdc.c new file mode 100644 index 0000000000..59457e282c --- /dev/null +++ b/src/tests/fuzzing/fuzz_kdc.c 
@@ -0,0 +1,72 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_kdc.c - fuzzing harness for KDC replay cache */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "autoconf.h" + +#include + +#define kMinInputLength 2 +#define kMaxInputLength 256 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_context context = NULL; + krb5_data req, rep; + struct entry *e; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + ret = krb5_init_context(&context); + if (ret) + return 0; + + ret = kdc_init_lookaside(context); + if (ret) + goto cleanup; + + req = make_data((void *)data, size); + rep = make_data((void *)data, size - 1); + + e = insert_entry(context, &req, &rep, 0); + discard_entry(context, e); + + kdc_free_lookaside(context); + +cleanup: + krb5_free_context(context); + + return 0; +} diff --git a/src/tests/fuzzing/fuzz_kdc_seed_corpus/input.bin b/src/tests/fuzzing/fuzz_kdc_seed_corpus/input.bin new file mode 100644 index 0000000000..6605099dcb --- /dev/null +++ b/src/tests/fuzzing/fuzz_kdc_seed_corpus/input.bin @@ -0,0 +1 @@ +I Had Strings, But now i'm free. \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb.c b/src/tests/fuzzing/fuzz_krb.c new file mode 100644 index 0000000000..61f16765db --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb.c 
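Review bot: The pointer returned by insert_entry() is handed straight to discard_entry() with no NULL check; if insert_entry() can fail (it has to allocate the entry and copy both packets), the harness dereferences NULL itself and reports a false crash, hiding the library's allocation-failure path rather than testing it. Guard it: `if (e != NULL) discard_entry(context, e);`. Only the internal insert/discard pair is driven here; if the replay cache's public lookup/insert entry points are reachable from the harness, calling them with req/rep would exercise the hashing and lookup that untrusted KDC traffic actually goes through. insert_entry/discard_entry are presumably file-static in the KDC and reached by including the source file directly (the include names are not visible in this view); a one-line comment stating that would save the next maintainer a search.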
@@ -0,0 +1,170 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/krb.c - fuzzing harness for miscellaneous libkrb5 functions */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "autoconf.h" +#include + +#define kMinInputLength 2 +#define kMaxInputLength 512 + +#define ANAME_SZ 40 +#define INST_SZ 40 +#define REALM_SZ 40 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static void +fuzz_deltat(char *data_in) +{ + krb5_deltat result; + krb5_string_to_deltat(data_in, &result); +} + +static void +fuzz_host_string(char *data_in) +{ + krb5_error_code ret; + char *host; + int port = -1; + + ret = k5_parse_host_string(data_in, 0, &host, &port); + if (!ret) + free(host); +} + +static void +fuzz_princ(krb5_context context, char *data_in) +{ + krb5_error_code ret; + krb5_principal p; + char *princ; + + ret = krb5_parse_name(context, data_in, &p); + if (ret) + return; + + ret = krb5_unparse_name(context, p, &princ); + if (!ret) + free(princ); + + krb5_free_principal(context, p); +} + +static void +fuzz_principal_425(krb5_context context, char *data_in) +{ + krb5_principal princ; + krb5_425_conv_principal(context, data_in, data_in, data_in, &princ); + krb5_free_principal(context, princ); +} + +static void +fuzz_principal_524(krb5_context context, char *data_in) +{ + krb5_error_code ret; + krb5_principal princ = 0; + char aname[ANAME_SZ + 1], inst[INST_SZ + 1], realm[REALM_SZ + 1]; + + aname[ANAME_SZ] = inst[INST_SZ] = realm[REALM_SZ] = 0; + + ret = krb5_parse_name(context, data_in, &princ); + if (ret) + return; + + krb5_524_conv_principal(context, princ, aname, inst, realm); + krb5_free_principal(context, princ); +} + +static void +fuzz_timestamp(char *data_in) +{ + krb5_error_code ret; + krb5_timestamp timestamp; + + ret = krb5_string_to_timestamp(data_in, ×tamp); + if (!ret) + ts2tt(timestamp); +} + +/* + * data_in is going to be modified during parsing. 
+ */ +static void +fuzz_enctype_list(char *data_in) +{ + krb5_error_code ret; + krb5_context context; + krb5_enctype *ienc, zero = 0; + + ret = krb5_init_context(&context); + if (ret) + return; + + ret = krb5int_parse_enctype_list(context, "", data_in, &zero, &ienc); + if (!ret) + free(ienc); + + krb5_free_context(context); +} + +extern int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_context context = NULL; + char *data_in; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + ret = krb5_init_context(&context); + if (ret) + return 0; + + data_in = k5memdup0(data, size, &ret); + if (ret) + goto cleanup; + + fuzz_deltat(data_in); + fuzz_host_string(data_in); + fuzz_princ(context, data_in); + fuzz_principal_425(context, data_in); + fuzz_principal_524(context, data_in); + fuzz_timestamp(data_in); + fuzz_enctype_list(data_in); + + free(data_in); + +cleanup: + krb5_free_context(context); + + return 0; +} diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/deltat.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/deltat.bin new file mode 100644 index 0000000000..eaca6be22c --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/deltat.bin @@ -0,0 +1 @@ +-35791394m-9s \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_1.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_1.bin new file mode 100644 index 0000000000..47fb41b9bf --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_1.bin @@ -0,0 +1 @@ +default -aes128-cts -des-hmac-sha1 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_2.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_2.bin new file mode 100644 index 0000000000..8c5071abdf --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_2.bin @@ -0,0 +1 @@ +aes des3-cbc-sha1-kd \ No newline at end of file 
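Review bot: fuzz_principal_425() leaves `princ` uninitialized, ignores the return code of krb5_425_conv_principal(), and then unconditionally calls krb5_free_principal() on it, so on any failure path that does not set *princ the harness frees an indeterminate pointer; the sibling fuzz_principal_524() already initializes its principal to 0 and only proceeds on success, so match it: `krb5_principal princ = NULL;` and `if (krb5_425_conv_principal(context, data_in, data_in, data_in, &princ) == 0) krb5_free_principal(context, princ);`. Two consistency points: the header comment names the file `tests/fuzzing/krb.c` while the file is fuzz_krb.c, and fuzz_enctype_list() builds a second krb5_context instead of taking the caller's `context` like the other helpers, costing an extra init per input. The comment above fuzz_enctype_list() says data_in is modified during parsing but not that this is why it must remain the last call in LLVMFuzzerTestOneInput; make that explicit: `/* Must be called last: the enctype list parser modifies data_in in place. */`.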
diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_3.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_3.bin new file mode 100644 index 0000000000..ac635ee6a3 --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_3.bin @@ -0,0 +1 @@ +camellia -camellia256-cts-cmac \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_4.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_4.bin new file mode 100644 index 0000000000..4ddee4c530 --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_4.bin @@ -0,0 +1 @@ +DEFAULT +aes -arcfour-hmac-md5 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_5.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_5.bin new file mode 100644 index 0000000000..5892bca7f4 --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_5.bin @@ -0,0 +1 @@ +DEFAULT -des3 rc4-hmac rc4-hmac-exp \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_6.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_6.bin new file mode 100644 index 0000000000..6501ba6fef --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_6.bin @@ -0,0 +1 @@ +des3 +DEFAULT \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_7.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_7.bin new file mode 100644 index 0000000000..09d89bf33e --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_7.bin @@ -0,0 +1 @@ +aes +rc4 -DEFaulT des3-hmac-sha1 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_11.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_11.bin new file mode 100644 index 0000000000..6a1a02e570 --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_11.bin @@ -0,0 +1 @@ +70000 \ No newline at end of file 
diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_12.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_12.bin new file mode 100644 index 0000000000..fe9049d246 --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_12.bin @@ -0,0 +1 @@ +test.example:F101 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_2.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_2.bin new file mode 100644 index 0000000000..3fc5c1775c --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_2.bin @@ -0,0 +1 @@ +192.168.1.1 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_4.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_4.bin new file mode 100644 index 0000000000..9ca257a84a --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_4.bin @@ -0,0 +1 @@ +[BEEF:CAFE:FEED:FACE:DEAD:BEEF:DEAF:BABE] \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_5.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_5.bin new file mode 100644 index 0000000000..3081d9b01a --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_5.bin @@ -0,0 +1 @@ +[BEEF:CAFE:FEED:FACE:DEAD:BEEF:DEAF:BABE]:250 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_8.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_8.bin new file mode 100644 index 0000000000..4fef47ce34 --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_8.bin @@ -0,0 +1 @@ +:300 \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_9.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_9.bin new file mode 100644 index 0000000000..0dbf139f8d --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_9.bin @@ -0,0 +1 @@ +350 \ No newline at end of file 
diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/parse_name.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/parse_name.bin new file mode 100644 index 0000000000..2cfb7c29b5 --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/parse_name.bin @@ -0,0 +1 @@ +lha@SU.SE \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_krb_seed_corpus/principal_425_name.bin b/src/tests/fuzzing/fuzz_krb_seed_corpus/principal_425_name.bin new file mode 100644 index 0000000000..1f0e72453f --- /dev/null +++ b/src/tests/fuzzing/fuzz_krb_seed_corpus/principal_425_name.bin @@ -0,0 +1 @@ +kadmin \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_oid.c b/src/tests/fuzzing/fuzz_oid.c new file mode 100644 index 0000000000..d397d48610 --- /dev/null +++ b/src/tests/fuzzing/fuzz_oid.c 
@@ -0,0 +1,65 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_oid.c - fuzzing harness for GSS OID conversions */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "autoconf.h" +#include +#include + +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + OM_uint32 minor; + gss_buffer_desc buf; + gss_OID oid; + gss_OID_desc oid_desc; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + oid_desc.elements = (void *)data; + oid_desc.length = size; + + gss_oid_to_str(&minor, &oid_desc, &buf); + gss_release_buffer(&minor, &buf); + + buf.value = (void *)data; + buf.length = size; + + gss_str_to_oid(&minor, &buf, &oid); + gss_release_oid(&minor, &oid); + + return 0; +} diff --git a/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_19.bin b/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_19.bin new file mode 100644 index 0000000000..16e0e90df0 --- /dev/null +++ b/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_19.bin @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_20.bin b/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_20.bin new file mode 100644 index 0000000000000000000000000000000000000000..8b040ead36e9d32df7a5d8dfc594b6130bf3fc4a GIT binary patch literal 2 Jc-m`Z000350D=Gj literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_21.bin b/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_21.bin new file mode 100644 index 0000000000000000000000000000000000000000..6b58abecd6cd17896ee7658d1e5b05b7b66d05a7 GIT binary patch literal 3 Kc-m`hU;qFDh5-Tq literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_22.bin b/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_22.bin new file mode 100644 index 0000000000000000000000000000000000000000..09f370e38f498a462e1ca0faa724559b6630c04f GIT binary patch literal 2 Jc-muN0000200961 literal 0 Hc-jL100001 
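Review bot: Both GSS calls have their major status ignored and their out-parameters (`buf`, `oid`) are uninitialized before the call, so gss_release_buffer()/gss_release_oid() run on whatever the library left there; that is only memory-safe if gss_oid_to_str() and gss_str_to_oid() reset their output on every failure path, which the harness should not depend on. Initialize `gss_buffer_desc buf = GSS_C_EMPTY_BUFFER;` and `gss_OID oid = GSS_C_NO_OID;` and release only on success, e.g. `if (gss_oid_to_str(&minor, &oid_desc, &buf) == GSS_S_COMPLETE) gss_release_buffer(&minor, &buf);` and likewise for gss_str_to_oid(). With the status in hand the harness could also check the round trip — feed a successful gss_oid_to_str() result into gss_str_to_oid() and compare length and elements with `oid_desc` — the way fuzz_crypto.c asserts decrypt(encrypt(x)) == x, provided the string encoder is strict enough that every accepted input round-trips (verify before adding an abort()). Since the same bytes are tried both as a DER OID and as its textual form, a seed in each shape helps; the visible seeds look like raw encodings only.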
diff --git a/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_24.bin b/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_24.bin new file mode 100644 index 0000000000000000000000000000000000000000..8fdfd1779b7e4fade0566fef807bd9ab053364ca GIT binary patch literal 4 Lc-muVWMBXQ0fzvB literal 0 Hc-jL100001 diff --git a/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_8.bin b/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_8.bin new file mode 100644 index 0000000000..091299428a --- /dev/null +++ b/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_8.bin @@ -0,0 +1 @@ +*†H†÷ \ No newline at end of file diff --git a/src/tests/fuzzing/oss-fuzz.sh b/src/tests/fuzzing/oss-fuzz.sh index 868d0db1f3..b01d4bcbd2 100644 --- a/src/tests/fuzzing/oss-fuzz.sh +++ b/src/tests/fuzzing/oss-fuzz.sh @@ -15,9 +15,10 @@ popd # Copy fuzz targets and seed corpus to $OUT. pushd src/tests/fuzzing -fuzzers=("fuzz_chpw" "fuzz_gss" "fuzz_json" "fuzz_krad" "fuzz_krb5_ticket" - "fuzz_marshal_cred" "fuzz_marshal_princ" "fuzz_ndr" "fuzz_pac" - "fuzz_profile" "fuzz_util") +fuzzers=("fuzz_aes" "fuzz_asn" "fuzz_attrset" "fuzz_chpw" "fuzz_crypto" + "fuzz_des" "fuzz_gss" "fuzz_json" "fuzz_kdc" "fuzz_krad" "fuzz_krb" + "fuzz_krb5_ticket" "fuzz_marshal_cred" "fuzz_marshal_princ" + "fuzz_ndr" "fuzz_oid" "fuzz_pac" "fuzz_profile" "fuzz_util") for fuzzer in "${fuzzers[@]}"; do cp "$fuzzer" "$OUT/$fuzzer" -- 2.47.2
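Review bot: The `fuzzers` array in oss-fuzz.sh is a second hand-maintained copy of the target list in src/tests/fuzzing/Makefile.in (also changed by this commit) and nothing checks that the two agree, so a harness added to the Makefile but not here builds cleanly and then silently never reaches `$OUT`, meaning OSS-Fuzz never runs it. Either derive the list from what was built, replacing the array with `for fuzzer in fuzz_*; do` followed by `[[ -f "$fuzzer" && -x "$fuzzer" ]] || continue` (the test is needed because `fuzz_*.c` sources and `fuzz_*_seed_corpus/` directories live in the same directory), or make a stale list fail loudly with `cp -- "$fuzzer" "$OUT/$fuzzer" || exit 1` if the script does not already run under `set -e` (its header is outside this hunk). The loop body continues past the end of the hunk, so the seed-corpus copy that presumably follows is not visible here.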