Diffstat (limited to 'crypto/krb5/src/tests/fuzzing')
166 files changed, 2409 insertions, 0 deletions
diff --git a/crypto/krb5/src/tests/fuzzing/Makefile.in b/crypto/krb5/src/tests/fuzzing/Makefile.in
new file mode 100644
index 000000000000..15bbbbf1a853
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/Makefile.in
@@ -0,0 +1,138 @@
+mydir=tests$(S)fuzzing
+BUILDTOP=$(REL)..$(S)..
+
+LOCALINCLUDES= \
+ -I$(srcdir)/../../lib/crypto/krb -I$(srcdir)/../../lib/krad \
+ -I$(srcdir)/../../lib/crypto/builtin/des -I$(srcdir)/../../kdc \
+ -I$(srcdir)/../../lib/krb5/ccache -I$(srcdir)/../../util/profile \
+ -I$(srcdir)/../../util/support
+
+OBJS= \
+ fuzz_aes.o \
+ fuzz_asn.o \
+ fuzz_attrset.o \
+ fuzz_chpw.o \
+ fuzz_crypto.o \
+ fuzz_des.o \
+ fuzz_gss.o \
+ fuzz_json.o \
+ fuzz_kdc.o \
+ fuzz_krad.o \
+ fuzz_krb.o \
+ fuzz_krb5_ticket.o \
+ fuzz_marshal_cred.o \
+ fuzz_marshal_princ.o \
+ fuzz_ndr.o \
+ fuzz_oid.o \
+ fuzz_pac.o \
+ fuzz_profile.o \
+ fuzz_util.o
+
+SRCS= \
+ $(srcdir)/fuzz_aes.c \
+ $(srcdir)/fuzz_asn.c \
+ $(srcdir)/fuzz_attrset.c \
+ $(srcdir)/fuzz_chpw.c \
+ $(srcdir)/fuzz_crypto.c \
+ $(srcdir)/fuzz_des.c \
+ $(srcdir)/fuzz_gss.c \
+ $(srcdir)/fuzz_json.c \
+ $(srcdir)/fuzz_kdc.c \
+ $(srcdir)/fuzz_krad.c \
+ $(srcdir)/fuzz_krb.c \
+ $(srcdir)/fuzz_krb5_ticket.c \
+ $(srcdir)/fuzz_marshal_cred.c \
+ $(srcdir)/fuzz_marshal_princ.c \
+ $(srcdir)/fuzz_ndr.c \
+ $(srcdir)/fuzz_oid.c \
+ $(srcdir)/fuzz_pac.c \
+ $(srcdir)/fuzz_profile.c \
+ $(srcdir)/fuzz_util.c
+
+FUZZ_TARGETS= \
+ fuzz_aes \
+ fuzz_asn \
+ fuzz_attrset \
+ fuzz_chpw \
+ fuzz_crypto \
+ fuzz_des \
+ fuzz_gss \
+ fuzz_json \
+ fuzz_kdc \
+ fuzz_krad \
+ fuzz_krb \
+ fuzz_krb5_ticket \
+ fuzz_marshal_cred \
+ fuzz_marshal_princ \
+ fuzz_ndr \
+ fuzz_oid \
+ fuzz_pac \
+ fuzz_profile \
+ fuzz_util
+
+all: $(FUZZ_TARGETS)
+
+# OSS-Fuzz requires fuzz targets to be linked with the C++ linker,
+# even if they are written in C.
+
+fuzz_aes: fuzz_aes.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_aes.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_asn: fuzz_asn.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_asn.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_attrset: fuzz_attrset.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_attrset.o -lkrad $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_chpw: fuzz_chpw.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_chpw.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_crypto: fuzz_crypto.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_crypto.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_des: fuzz_des.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_des.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_gss: fuzz_gss.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_gss.o $(GSS_LIBS) $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_json: fuzz_json.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_json.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_kdc: fuzz_kdc.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_kdc.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_krad: fuzz_krad.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_krad.o -lkrad $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_krb: fuzz_krb.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_krb.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_krb5_ticket: fuzz_krb5_ticket.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_krb5_ticket.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_marshal_cred: fuzz_marshal_cred.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_marshal_cred.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_marshal_princ: fuzz_marshal_princ.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_marshal_princ.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_ndr: fuzz_ndr.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_ndr.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_oid: fuzz_oid.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_oid.o $(GSS_LIBS) $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_pac: fuzz_pac.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_pac.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_profile: fuzz_profile.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_profile.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+fuzz_util: fuzz_util.o $(KRB5_BASE_DEPLIBS)
+ $(CXX_LINK) -o $@ fuzz_util.o $(KRB5_BASE_LIBS) $(FUZZ_LDFLAGS)
+
+install:
+
+clean:
+ $(RM) $(FUZZ_TARGETS)
diff --git a/crypto/krb5/src/tests/fuzzing/README b/crypto/krb5/src/tests/fuzzing/README
new file mode 100644
index 000000000000..d1338249cdd6
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/README
@@ -0,0 +1,26 @@
+This directory builds fuzzing targets for oss-fuzz compatibility.
+ If you wish to build it locally, you can do so by using the given
+ guide below. Note that it only works on GNU/Linux.
+
+Export flags required for building fuzzing targets.
+```bash
+export CC=clang
+export CXX=clang++
+export CFLAGS="-g -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize=fuzzer-no-link"
+export CXXFLAGS="-g -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize=fuzzer-no-link"
+export LIB_FUZZING_ENGINE="-fsanitize=fuzzer"
+```
+
+Compilation of the fuzzing targets.
+```bash
+autoreconf
+./configure CFLAGS="-fcommon $CFLAGS" CXXFLAGS="-fcommon $CXXFLAGS" \
+ --enable-static --disable-shared --enable-ossfuzz
+make
+```
+
+Running fuzzing targets.
+```bash
+mkdir fuzz_${TARGET}_corpus
+./fuzz_${TARGET} fuzz_${TARGET}_corpus/ fuzz_${TARGET}_seed_corpus
+```
diff --git a/crypto/krb5/src/tests/fuzzing/deps b/crypto/krb5/src/tests/fuzzing/deps
new file mode 100644
index 000000000000..fbd77e8ea9b5
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/deps
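Review bot: The `fuzz_attrset` and `fuzz_krad` rules link `-lkrad`, but their prerequisite lists name only `$(KRB5_BASE_DEPLIBS)`, so rebuilding libkrad does not relink those two harnesses and a stale static library can be what actually gets fuzzed. If the build framework provides a dependency variable for libkrad (none is visible in this hunk), add it to both prerequisite lists, the way `$(GSS_DEPLIBS)` is listed for `fuzz_gss` and `fuzz_oid`. `$(FUZZ_LDFLAGS)` is also used in every recipe without being defined here; a comment such as `# FUZZ_LDFLAGS is set by configure when fuzzing is enabled` would help, if that is indeed its origin. The empty `install:` rule deserves a one-line comment too, e.g. `# Fuzz harnesses are sanitizer/unsafe-mode builds and are never installed.`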
@@ -0,0 +1,222 @@ +# +# Generated makefile dependencies follow. +# +$(OUTPRE)fuzz_aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../lib/crypto/krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_aes.c +$(OUTPRE)fuzz_asn.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-spake.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_asn.c +$(OUTPRE)fuzz_attrset.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \ + $(srcdir)/../../lib/krad/internal.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + 
$(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krad.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_attrset.c +$(OUTPRE)fuzz_chpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fuzz_chpw.c +$(OUTPRE)fuzz_crypto.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../lib/crypto/krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_crypto.c +$(OUTPRE)fuzz_des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + 
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../lib/crypto/builtin/des/des_int.h \ + $(srcdir)/../../lib/crypto/builtin/des/f_cbc.c $(srcdir)/../../lib/crypto/builtin/des/f_tables.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_des.c +$(OUTPRE)fuzz_gss.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/krb5/krb5.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/gssapi.h $(top_srcdir)/include/krb5.h \ + fuzz_gss.c +$(OUTPRE)fuzz_json.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-json.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_json.c +$(OUTPRE)fuzz_kdc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \ + $(srcdir)/../../kdc/extern.h 
$(srcdir)/../../kdc/kdc_util.h \ + $(srcdir)/../../kdc/realm_data.h $(srcdir)/../../kdc/replay.c \ + $(srcdir)/../../kdc/reqstate.h $(top_srcdir)/include/gssrpc/auth.h \ + $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ + $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ + $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ + $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ + $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-hashtab.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-queue.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/kdcpreauth_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/net-server.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_kdc.c +$(OUTPRE)fuzz_krad.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krad.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fuzz_krad.c 
+$(OUTPRE)fuzz_krb.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-base64.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-hex.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fuzz_krb.c +$(OUTPRE)fuzz_krb5_ticket.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fuzz_krb5_ticket.c +$(OUTPRE)fuzz_marshal_cred.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../lib/krb5/ccache/cc-int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h 
$(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_marshal_cred.c +$(OUTPRE)fuzz_marshal_princ.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../lib/krb5/ccache/cc-int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_marshal_princ.c +$(OUTPRE)fuzz_ndr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \ + $(srcdir)/../../kdc/kdc_util.h $(srcdir)/../../kdc/ndr.c \ + $(srcdir)/../../kdc/realm_data.h $(srcdir)/../../kdc/reqstate.h \ + $(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \ + $(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \ + $(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \ + $(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \ + $(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-input.h \ + 
$(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/k5-utf8.h $(top_srcdir)/include/kdb.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/kdcpreauth_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/net-server.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fuzz_ndr.c +$(OUTPRE)fuzz_oid.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \ + $(BUILDTOP)/include/gssapi/gssapi_krb5.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + fuzz_oid.c +$(OUTPRE)fuzz_pac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + 
$(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fuzz_pac.c +$(OUTPRE)fuzz_profile.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../util/profile/prof_int.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + fuzz_profile.c +$(OUTPRE)fuzz_util.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../util/support/hashtab.c \ + $(top_srcdir)/include/k5-base64.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-hashtab.h $(top_srcdir)/include/k5-hex.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-queue.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/k5-utf8.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h fuzz_util.c diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_aes.c b/crypto/krb5/src/tests/fuzzing/fuzz_aes.c new file mode 100644 index 000000000000..ea4d8492ba19 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_aes.c 
@@ -0,0 +1,104 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_aes.c - fuzzing harness for AES encryption/decryption */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "autoconf.h"
+#include <k5-int.h>
+#include <crypto_int.h>
+
+#define kMinInputLength 48
+#define kMaxInputLength 512
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static void
+fuzz_aes(const uint8_t *data, size_t size, size_t key_size, krb5_enctype etype)
+{
+ krb5_error_code ret;
+ krb5_keyblock keyblock;
+ krb5_crypto_iov iov;
+ krb5_key key = NULL;
+ char *aeskey = NULL, *data_in = NULL;
+ char encivbuf[16] = { 0 }, decivbuf[16] = { 0 };
+ krb5_data enciv = make_data(encivbuf, 16), deciv = make_data(decivbuf, 16);
+
+ aeskey = k5memdup(data, key_size, &ret);
+ if (ret)
+ return;
+
+ data_in = k5memdup(data + key_size, size - key_size, &ret);
+ if (ret)
+ goto cleanup;
+
+ keyblock.contents = (krb5_octet *)aeskey;
+ keyblock.length = key_size;
+ keyblock.enctype = etype;
+
+ ret = krb5_k_create_key(NULL, &keyblock, &key);
+ if (ret)
+ goto cleanup;
+
+ iov.flags = KRB5_CRYPTO_TYPE_DATA;
+ iov.data = make_data(data_in, size - key_size);
+
+ /* iov.data.data is input and output buffer */
+ ret = krb5int_aes_encrypt(key, &enciv, &iov, 1);
+ if (ret)
+ goto cleanup;
+
+ ret = krb5int_aes_decrypt(key, &deciv, &iov, 1);
+ if (ret)
+ goto cleanup;
+
+ /* Check that decryption result matches original plaintext. */
+ ret = memcmp(data_in, data + key_size, size - key_size);
+ if (ret)
+ abort();
+
+ (void)krb5int_aes_decrypt(key, &deciv, &iov, 1);
+
+cleanup:
+ free(aeskey);
+ free(data_in);
+ krb5_k_free_key(NULL, key);
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ fuzz_aes(data, size, 16, ENCTYPE_AES128_CTS_HMAC_SHA1_96);
+ fuzz_aes(data, size, 16, ENCTYPE_AES256_CTS_HMAC_SHA1_96);
+ fuzz_aes(data, size, 32, ENCTYPE_AES128_CTS_HMAC_SHA1_96);
+ fuzz_aes(data, size, 32, ENCTYPE_AES256_CTS_HMAC_SHA1_96);
+
+ return 0;
+}
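Review bot: `fuzz_aes` evaluates `size - key_size` three times without checking `size >= key_size` itself; it is safe only because `LLVMFuzzerTestOneInput` rejects inputs shorter than `kMinInputLength` (48) and the largest `key_size` passed is 32. If either value changes, the `size_t` subtraction wraps and `k5memdup(data + key_size, ...)` reads past the fuzzer-supplied buffer, so the harness would report bugs of its own rather than the library's. Add `if (size < key_size) return;` before the first `k5memdup` call, or document the coupling at the definition, e.g. `/* must stay >= the largest key_size passed to fuzz_aes() */`. The calls pairing a 16-byte key with `ENCTYPE_AES256_CTS_HMAC_SHA1_96` and a 32-byte key with `ENCTYPE_AES128_CTS_HMAC_SHA1_96` look deliberate, but a short comment saying so would keep a later reader from "correcting" them.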
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_aes_seed_corpus/input.bin b/crypto/krb5/src/tests/fuzzing/fuzz_aes_seed_corpus/input.bin
new file mode 100644
index 000000000000..5e4c069476b7
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_aes_seed_corpus/input.bin
@@ -0,0 +1 @@
+I would like the General Gau's Chicken, please, and wonton soup.
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn.c b/crypto/krb5/src/tests/fuzzing/fuzz_asn.c
new file mode 100644
index 000000000000..be3fdb71ded9
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn.c
@@ -0,0 +1,188 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_asn.c - fuzzing harness for ASN.1 encoding/decoding */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "autoconf.h"
+#include <k5-spake.h>
+
+#define kMinInputLength 2
+#define kMaxInputLength 2048
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static void
+free_cred_enc_part_whole(krb5_context ctx, krb5_cred_enc_part *val)
+{
+ krb5_free_cred_enc_part(ctx, val);
+ free(val);
+}
+
+static void
+free_kkdcp_message(krb5_context context, krb5_kkdcp_message *val)
+{
+ if (val == NULL)
+ return;
+ free(val->kerb_message.data);
+ free(val->target_domain.data);
+ free(val);
+}
+
+#define FUZZ_ASAN(type, encoder, decoder, freefn) do { \
+ type *v; \
+ krb5_data *data_out = NULL; \
+ \
+ if ((*decoder)(&data_in, &v) != 0) \
+ break; \
+ \
+ (*encoder)(v, &data_out); \
+ krb5_free_data(context, data_out); \
+ (*freefn)(context, v); \
+ } while (0)
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ krb5_context context;
+ krb5_data data_in;
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ if (krb5_init_context(&context))
+ return 0;
+
+ data_in = make_data((void *)data, size);
+
+ /* Adapted from krb5_decode_leak.c */
+ FUZZ_ASAN(krb5_authenticator, encode_krb5_authenticator,
+ decode_krb5_authenticator, krb5_free_authenticator);
+ FUZZ_ASAN(krb5_ticket, encode_krb5_ticket, decode_krb5_ticket,
+ krb5_free_ticket);
+ FUZZ_ASAN(krb5_keyblock, encode_krb5_encryption_key,
+ decode_krb5_encryption_key, krb5_free_keyblock);
+ FUZZ_ASAN(krb5_enc_tkt_part, encode_krb5_enc_tkt_part,
+ decode_krb5_enc_tkt_part, krb5_free_enc_tkt_part);
+ FUZZ_ASAN(krb5_enc_kdc_rep_part, encode_krb5_enc_kdc_rep_part,
+ decode_krb5_enc_kdc_rep_part, krb5_free_enc_kdc_rep_part);
+ FUZZ_ASAN(krb5_kdc_rep, encode_krb5_as_rep, decode_krb5_as_rep,
+ krb5_free_kdc_rep);
+ FUZZ_ASAN(krb5_kdc_rep, encode_krb5_tgs_rep, decode_krb5_tgs_rep,
+ krb5_free_kdc_rep);
+ FUZZ_ASAN(krb5_ap_req, encode_krb5_ap_req, decode_krb5_ap_req,
+ krb5_free_ap_req);
+ FUZZ_ASAN(krb5_ap_rep, encode_krb5_ap_rep, decode_krb5_ap_rep,
+ krb5_free_ap_rep);
+ FUZZ_ASAN(krb5_ap_rep_enc_part, encode_krb5_ap_rep_enc_part,
+ decode_krb5_ap_rep_enc_part, krb5_free_ap_rep_enc_part);
+ FUZZ_ASAN(krb5_kdc_req, encode_krb5_as_req, decode_krb5_as_req,
+ krb5_free_kdc_req);
+ FUZZ_ASAN(krb5_kdc_req, encode_krb5_tgs_req, decode_krb5_tgs_req,
+ krb5_free_kdc_req);
+ FUZZ_ASAN(krb5_kdc_req, encode_krb5_kdc_req_body, decode_krb5_kdc_req_body,
+ krb5_free_kdc_req);
+ FUZZ_ASAN(krb5_safe, encode_krb5_safe, decode_krb5_safe, krb5_free_safe);
+ FUZZ_ASAN(krb5_priv, encode_krb5_priv, decode_krb5_priv, krb5_free_priv);
+ FUZZ_ASAN(krb5_priv_enc_part, encode_krb5_enc_priv_part,
+ decode_krb5_enc_priv_part, krb5_free_priv_enc_part);
+ FUZZ_ASAN(krb5_cred, encode_krb5_cred, decode_krb5_cred, krb5_free_cred);
+ FUZZ_ASAN(krb5_cred_enc_part, encode_krb5_enc_cred_part,
+ decode_krb5_enc_cred_part, free_cred_enc_part_whole);
+ FUZZ_ASAN(krb5_error, encode_krb5_error, decode_krb5_error,
+ krb5_free_error);
+ FUZZ_ASAN(krb5_authdata *, encode_krb5_authdata, decode_krb5_authdata,
+ krb5_free_authdata);
+ FUZZ_ASAN(krb5_pa_data *, encode_krb5_padata_sequence,
+ decode_krb5_padata_sequence, krb5_free_pa_data);
+ FUZZ_ASAN(krb5_pa_data *, encode_krb5_typed_data,
+ decode_krb5_typed_data, krb5_free_pa_data);
+ FUZZ_ASAN(krb5_etype_info_entry *, encode_krb5_etype_info,
+ decode_krb5_etype_info, krb5_free_etype_info);
+ FUZZ_ASAN(krb5_etype_info_entry *, encode_krb5_etype_info2,
+ decode_krb5_etype_info2, krb5_free_etype_info);
+ FUZZ_ASAN(krb5_pa_enc_ts, encode_krb5_pa_enc_ts, decode_krb5_pa_enc_ts,
+ krb5_free_pa_enc_ts);
+ FUZZ_ASAN(krb5_enc_data, encode_krb5_enc_data, decode_krb5_enc_data,
+ krb5_free_enc_data);
+ FUZZ_ASAN(krb5_sam_challenge_2, encode_krb5_sam_challenge_2,
+ decode_krb5_sam_challenge_2, krb5_free_sam_challenge_2);
+ FUZZ_ASAN(krb5_sam_challenge_2_body, encode_krb5_sam_challenge_2_body,
+ decode_krb5_sam_challenge_2_body,
+ krb5_free_sam_challenge_2_body);
+ FUZZ_ASAN(krb5_sam_response_2, encode_krb5_sam_response_2,
+ decode_krb5_sam_response_2, krb5_free_sam_response_2);
+ FUZZ_ASAN(krb5_enc_sam_response_enc_2, encode_krb5_enc_sam_response_enc_2,
+ decode_krb5_enc_sam_response_enc_2,
+ krb5_free_enc_sam_response_enc_2);
+ FUZZ_ASAN(krb5_pa_for_user, encode_krb5_pa_for_user,
+ decode_krb5_pa_for_user, krb5_free_pa_for_user);
+ FUZZ_ASAN(krb5_pa_s4u_x509_user, encode_krb5_pa_s4u_x509_user,
+ decode_krb5_pa_s4u_x509_user, krb5_free_pa_s4u_x509_user);
+ FUZZ_ASAN(krb5_ad_kdcissued, encode_krb5_ad_kdcissued,
+ decode_krb5_ad_kdcissued, krb5_free_ad_kdcissued);
+ FUZZ_ASAN(krb5_iakerb_header, encode_krb5_iakerb_header,
+ decode_krb5_iakerb_header, krb5_free_iakerb_header);
+ FUZZ_ASAN(krb5_iakerb_finished, encode_krb5_iakerb_finished,
+ decode_krb5_iakerb_finished, krb5_free_iakerb_finished);
+ FUZZ_ASAN(krb5_fast_response, encode_krb5_fast_response,
+ decode_krb5_fast_response, krb5_free_fast_response);
+ FUZZ_ASAN(krb5_enc_data, encode_krb5_pa_fx_fast_reply,
+ decode_krb5_pa_fx_fast_reply, krb5_free_enc_data);
+
+ /* Adapted from krb5_encode_test.c */
+ FUZZ_ASAN(krb5_otp_tokeninfo, encode_krb5_otp_tokeninfo,
+ decode_krb5_otp_tokeninfo, k5_free_otp_tokeninfo);
+ FUZZ_ASAN(krb5_pa_otp_challenge, encode_krb5_pa_otp_challenge,
+ decode_krb5_pa_otp_challenge, k5_free_pa_otp_challenge);
+ FUZZ_ASAN(krb5_pa_otp_req, encode_krb5_pa_otp_req, decode_krb5_pa_otp_req,
+ k5_free_pa_otp_req);
+ FUZZ_ASAN(krb5_data, encode_krb5_pa_otp_enc_req,
+ decode_krb5_pa_otp_enc_req, krb5_free_data);
+ FUZZ_ASAN(krb5_kkdcp_message, encode_krb5_kkdcp_message,
+ decode_krb5_kkdcp_message, free_kkdcp_message);
+ FUZZ_ASAN(krb5_cammac, encode_krb5_cammac, decode_krb5_cammac,
+ k5_free_cammac);
+ FUZZ_ASAN(krb5_secure_cookie, encode_krb5_secure_cookie,
+ decode_krb5_secure_cookie, k5_free_secure_cookie);
+ FUZZ_ASAN(krb5_spake_factor, encode_krb5_spake_factor,
+ decode_krb5_spake_factor, k5_free_spake_factor);
+ FUZZ_ASAN(krb5_pa_spake, encode_krb5_pa_spake, decode_krb5_pa_spake,
+ k5_free_pa_spake); + + /* Adapted from krb5_decode_test.c */ + { + krb5_pa_pac_req *pa_pac_req = NULL; + + if (decode_krb5_pa_pac_req(&data_in, &pa_pac_req) == 0) + free(pa_pac_req); + } + + krb5_free_context(context); + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_3.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_3.bin Binary files differnew file mode 100644 index 000000000000..26c78993edb1 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_3.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_4.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_4.bin Binary files differnew file mode 100644 index 000000000000..6add5a8412c3 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_4.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_6.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_6.bin new file mode 100644 index 000000000000..dc2f08684e14 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_authenticator_6.bin @@ -0,0 +1,2 @@ +b¤0¡ ¡ATHENA.MIT.EDU¢0 ¡0hftsaiextra£0
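Review bot: The `FUZZ_ASAN` macro carries no comment, and its name reads as AddressSanitizer although it drives an ASN.1 decode, re-encode and free cycle; `FUZZ_ASN1` plus a short contract comment would make the harness easier to audit. The encoder's return value is discarded and the re-encoded bytes are never compared with the input, so this harness can only surface crashes, leaks and sanitizer findings, not decoder/encoder disagreements. That is worth stating above the macro, e.g. `/* Decode data_in as TYPE; on success re-encode and free. Encoder errors are ignored. */`. The macro also depends on `data_in` and `context` being in scope where it expands, and on `krb5_free_data()` tolerating a `data_out` that is still NULL after a failed encode, which this hunk does not show.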
¡1234¤â@¥19940610060317Z¦0 ¡ +12345678§ÿÿÿÿ¨$0"0 ¡foobar0 ¡foobar
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_enc_tkt_part_30.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_enc_tkt_part_30.bin Binary files differnew file mode 100644 index 000000000000..727a70f7db1f --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_enc_tkt_part_30.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_15.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_15.bin new file mode 100644 index 000000000000..842a99d1b790 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_15.bin @@ -0,0 +1,2 @@ +0 ¡ +12345678¢0
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_21.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_21.bin new file mode 100644 index 000000000000..ae4a8aa5d2e9 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_21.bin @@ -0,0 +1,2 @@ +0 ÿ¡ +12345678
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_22.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_22.bin Binary files differnew file mode 100644 index 000000000000..4bbedc1a50e4 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_22.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_24.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_24.bin new file mode 100644 index 000000000000..c9ad2a5dc041 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_encryption_key_24.bin @@ -0,0 +1,2 @@ +0 ÿÿÿ¡ +12345678
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_fail_encryption_key_16.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_fail_encryption_key_16.bin Binary files differnew file mode 100644 index 000000000000..2b8b75383855 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/decode_fail_encryption_key_16.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_auth_pack_80.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_auth_pack_80.bin new file mode 100644 index 000000000000..ff246345f64b --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_auth_pack_80.bin @@ -0,0 +1,4 @@ +0… 503 â@¡19940610060317Z¢*£1234¤ +krb5data¡pvalue¢$0"0 *†H†÷params0 *†H†÷£ +krb5data¤00 +krb5data
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_68.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_68.bin new file mode 100644 index 000000000000..cbd0fd3cb20c --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_68.bin @@ -0,0 +1 @@ +0 00 ¡ad1
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_69.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_69.bin new file mode 100644 index 000000000000..522634af2864 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_cammac_69.bin @@ -0,0 +1,3 @@ +0ò 00 ¡ad10 ¡ad2¡=0; 0 ¡0hftsaiextra¡¢£0 ¡ +cksumkdc¢=0; 0 ¡0hftsaiextra¡¢£0 ¡ +cksumsvc£R0P0£0 ¡cksum109 0 ¡0hftsaiextra¡¢£0 ¡cksum2
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_enc_data_47.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_enc_data_47.bin Binary files differnew file mode 100644 index 000000000000..2cec584d9f4d --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_enc_data_47.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kdc_dh_key_info_81.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kdc_dh_key_info_81.bin Binary files differnew file mode 100644 index 000000000000..a3427389f37e --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kdc_dh_key_info_81.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kkdcp_message_67.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kkdcp_message_67.bin Binary files differnew file mode 100644 index 000000000000..5c52c94176bb --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_kkdcp_message_67.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ad_kdcissued_54.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ad_kdcissued_54.bin new file mode 100644 index 000000000000..973cd47bfd3d --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ad_kdcissued_54.bin @@ -0,0 +1 @@ +0e 0
¡1234¡ATHENA.MIT.EDU¢0 ¡0hftsaiextra£$0"0 ¡foobar0 ¡foobar
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_rep_enc_part_16.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_rep_enc_part_16.bin new file mode 100644 index 000000000000..3a7dcd135f86 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_rep_enc_part_16.bin @@ -0,0 +1 @@ +{0 19940610060317Z¡â@
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_req_14.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_req_14.bin Binary files differnew file mode 100644 index 000000000000..1e1861dd72a5 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_ap_req_14.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_rep_10.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_rep_10.bin Binary files differnew file mode 100644 index 000000000000..6cb6811438de --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_rep_10.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_req_19.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_req_19.bin Binary files differnew file mode 100644 index 000000000000..63f41f884c1a --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_as_req_19.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authdata_36.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authdata_36.bin new file mode 100644 index 000000000000..ff84a122e0cb --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authdata_36.bin @@ -0,0 +1 @@ +0"0 ¡foobar0 ¡foobar
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authenticator_2.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authenticator_2.bin new file mode 100644 index 000000000000..7eb31e6e2333 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_authenticator_2.bin @@ -0,0 +1 @@ +bO0M ¡ATHENA.MIT.EDU¢0 ¡0hftsaiextra¤â@¥19940610060317Z
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_cred_31.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_cred_31.bin Binary files differnew file mode 100644 index 000000000000..33f21c8627c1 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_cred_31.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_32.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_32.bin Binary files differnew file mode 100644 index 000000000000..968faa53ee2e --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_32.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_33.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_33.bin Binary files differnew file mode 100644 index 000000000000..e7d4d821db34 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_cred_part_33.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_kdc_rep_part_8.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_kdc_rep_part_8.bin Binary files differnew file mode 100644 index 000000000000..318415638640 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_kdc_rep_part_8.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_29.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_29.bin Binary files differnew file mode 100644 index 000000000000..9e2574c1c932 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_29.bin 
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_30.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_30.bin Binary files differnew file mode 100644 index 000000000000..3c6f5d549c60 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_priv_part_30.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_5.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_5.bin Binary files differnew file mode 100644 index 000000000000..5f74aeb23dbf --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_5.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_7.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_7.bin Binary files differnew file mode 100644 index 000000000000..a674aadb77ac --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_enc_tkt_part_7.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_34.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_34.bin new file mode 100644 index 000000000000..439eb171ceee --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_34.bin @@ -0,0 +1,3 @@ +~º0· ¡¢19940610060317Z£â@¤19940610060317Z¥â@¦<§ATHENA.MIT.EDU¨0 ¡0hftsaiextra©ATHENA.MIT.EDUª0 ¡0hftsaiextra« +krb5data¬ +krb5data
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_35.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_35.bin new file mode 100644 index 000000000000..588e77546add --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_error_35.bin @@ -0,0 +1 @@ +~`0^ ¡£â@¤19940610060317Z¥â@¦<©ATHENA.MIT.EDUª0 ¡0hftsaiextra
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_43.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_43.bin Binary files differnew file mode 100644 index 000000000000..c1bacbb8596a --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_43.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_44.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_44.bin Binary files differnew file mode 100644 index 000000000000..14f1ad05f376 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info2_44.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_40.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_40.bin Binary files differnew file mode 100644 index 000000000000..c34f5bc03b23 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_40.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_41.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_41.bin Binary files differnew file mode 100644 index 000000000000..5672958b5ca6 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_etype_info_41.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_fast_response_57.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_fast_response_57.bin new file mode 100644 index 000000000000..e4ff58a7f5b9 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_fast_response_57.bin @@ -0,0 +1,2 @@ +0Ÿ &0$0¡
¢ pa-data0¡
¢ pa-data¡0 ¡ +12345678¢[0Y 19940610060317Z¡â@¢ATHENA.MIT.EDU£0 ¡0hftsaiextra¤0
¡1234£*
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_finished_56.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_finished_56.bin new file mode 100644 index 000000000000..1ef561f50189 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_finished_56.bin @@ -0,0 +1 @@ +0¡0
¡1234
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_header_55.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_header_55.bin new file mode 100644 index 000000000000..9d7097829438 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_iakerb_header_55.bin @@ -0,0 +1,3 @@ +0¡ +krb5data¢ +krb5data
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_kdc_req_body_24.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_kdc_req_body_24.bin Binary files differnew file mode 100644 index 000000000000..1f274fa96923 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_kdc_req_body_24.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_rep_13.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_rep_13.bin Binary files differnew file mode 100644 index 000000000000..b46dd44b0666 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_rep_13.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_req_23.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_req_23.bin Binary files differnew file mode 100644 index 000000000000..e925ec4d7035 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_krb5_tgs_req_23.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_otp_tokeninfo_61.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_otp_tokeninfo_61.bin Binary files differnew file mode 100644 index 000000000000..61a1d1dfb0cf --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_otp_tokeninfo_61.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_enc_ts (no usec)_45.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_enc_ts (no usec)_45.bin new file mode 100644 index 000000000000..127099627f6f --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_enc_ts (no usec)_45.bin @@ -0,0 +1 @@ +0 19940610060317Z
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_for_user_53.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_for_user_53.bin new file mode 100644 index 000000000000..c1249ff70092 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_for_user_53.bin @@ -0,0 +1,2 @@ +0K 0 ¡0hftsaiextra¡ATHENA.MIT.EDU¢0
¡1234£ +krb5data
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_fx_fast_reply_59.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_fx_fast_reply_59.bin Binary files differnew file mode 100644 index 000000000000..2218e2bbe1fb --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_fx_fast_reply_59.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_challenge_63.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_challenge_63.bin Binary files differnew file mode 100644 index 000000000000..119997b0088d --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_challenge_63.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_64.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_64.bin Binary files differnew file mode 100644 index 000000000000..b5b27f372cbc --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_64.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_65.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_65.bin Binary files differnew file mode 100644 index 000000000000..3490a8d66d31 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_otp_req_65.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_78.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_78.bin new file mode 100644 index 000000000000..52bff24122c6 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_78.bin @@ -0,0 +1,3 @@ + (0&€krb5data¡ +krb5data¢0 +krb5data
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_79.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_79.bin new file mode 100644 index 000000000000..35d75453dfb4 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_pk_as_rep_79.bin @@ -0,0 +1 @@ +krb5data
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_s4u_x509_user_54.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_s4u_x509_user_54.bin Binary files differnew file mode 100644 index 000000000000..595a37cde091 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_s4u_x509_user_54.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_73.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_73.bin new file mode 100644 index 000000000000..d394484aad4d --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_73.bin @@ -0,0 +1,2 @@ + 0 + 0
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_74.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_74.bin new file mode 100644 index 000000000000..d2e4cb2a41a7 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_74.bin @@ -0,0 +1 @@ +¡-0+ ¡ T value¢00 0 ¡fdata
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_75.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_75.bin Binary files differnew file mode 100644 index 000000000000..51dcdc0ad82d --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_75.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_76.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_76.bin Binary files differnew file mode 100644 index 000000000000..1b9a8f86155e --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_pa_spake_76.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_padata_sequence_38.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_padata_sequence_38.bin Binary files differnew file mode 100644 index 000000000000..def7fcb589b9 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_padata_sequence_38.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_priv_28.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_priv_28.bin Binary files differnew file mode 100644 index 000000000000..178ba448812b --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_priv_28.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_reply_key_pack_82.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_reply_key_pack_82.bin new file mode 100644 index 000000000000..8657c7c56c90 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_reply_key_pack_82.bin @@ -0,0 +1,2 @@ +0& 0 ¡ +12345678¡0
¡1234
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_26.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_26.bin Binary files differnew file mode 100644 index 000000000000..71f6ab3cba88 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_26.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_27.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_27.bin Binary files differnew file mode 100644 index 000000000000..736c6f0b3826 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_safe_27.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_49.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_49.bin new file mode 100644 index 000000000000..62942bd8aca6 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_49.bin @@ -0,0 +1 @@ +0"
0 challenge¡00
¡1234
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_body_50.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_body_50.bin Binary files differnew file mode 100644 index 000000000000..dd624bb4a99a --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_challenge_2_body_50.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_response_2_51.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_response_2_51.bin Binary files differnew file mode 100644 index 000000000000..430f6f0e2d70 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sam_response_2_51.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_secure_cookie_70.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_secure_cookie_70.bin new file mode 100644 index 000000000000..00a4f477bbad --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_secure_cookie_70.bin @@ -0,0 +1 @@ +0,-ø%0$0¡
¢ pa-data0¡
¢ pa-data
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sp80056a_other_info_83.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sp80056a_other_info_83.bin new file mode 100644 index 000000000000..3639de9e6360 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_sp80056a_other_info_83.bin @@ -0,0 +1,2 @@ +00 *†H†÷ 200. ATHENA.MIT.EDU¡0 ¡0hftsaiextra¡200. ATHENA.MIT.EDU¡0 ¡0hftsaiextra¢ +krb5data
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_spake_factor_71.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_spake_factor_71.bin new file mode 100644 index 000000000000..6dfd6ad0b017 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_spake_factor_71.bin @@ -0,0 +1 @@ +0
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_11.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_11.bin Binary files differnew file mode 100644 index 000000000000..0ca8532f6364 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_11.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_12.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_12.bin Binary files differnew file mode 100644 index 000000000000..cd2ac5415520 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_rep_12.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_20.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_20.bin Binary files differnew file mode 100644 index 000000000000..b56f57d514ae --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_20.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_21.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_21.bin Binary files differnew file mode 100644 index 000000000000..eb8a40ff78a1 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_tgs_req_21.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_ticket_3.bin b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_ticket_3.bin Binary files differnew file mode 100644 index 000000000000..68efbe14af4a --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_asn_seed_corpus/encode_ticket_3.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_attrset.c b/crypto/krb5/src/tests/fuzzing/fuzz_attrset.c new file mode 100644 index 000000000000..5c1a8d604138 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_attrset.c 
@@ -0,0 +1,68 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_attrset.c - fuzzing harness for kr_attrset functions */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */ + +#include "autoconf.h" +#include <k5-int.h> +#include <internal.h> + +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_context context; + krad_attrset *set; + krb5_data data_in; + uint8_t buffer[KRAD_PACKET_SIZE_MAX], auth[MD5_DIGEST_SIZE] = { 0 }; + size_t encode_len; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + data_in = make_data((void *)data, size); + + ret = krb5_init_context(&context); + if (ret) + return 0; + + ret = kr_attrset_decode(context, &data_in, "f", auth, &set); + if (!ret) + kr_attrset_encode(set, "f", auth, FALSE, buffer, &encode_len); + + krad_attrset_free(set); + krb5_free_context(context); + + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_attrset_seed_corpus/t_attrset.bin b/crypto/krb5/src/tests/fuzzing/fuzz_attrset_seed_corpus/t_attrset.bin new file mode 100644 index 000000000000..aceceefa7a38 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_attrset_seed_corpus/t_attrset.bin @@ -0,0 +1,2 @@ + +testUserXÿÚ7ùäÊ®I·mX'
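Review bot: `set` is declared without an initializer in LLVMFuzzerTestOneInput and is handed to `krad_attrset_free(set)` even when `kr_attrset_decode()` fails, so the cleanup is only safe if that function stores NULL in its output on every error path, which this hunk does not show. Declaring it as `krad_attrset *set = NULL;` removes that dependency and keeps a sanitizer report from pointing at the harness instead of the library. A one-line comment above the decode call saying that `"f"` is a placeholder secret and `auth` an all-zero authenticator would also help readers.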
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_chpw.c b/crypto/krb5/src/tests/fuzzing/fuzz_chpw.c
new file mode 100644
index 000000000000..dfa6dfda60b8
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_chpw.c
@@ -0,0 +1,65 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_chpw.c */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Fuzzing harness implementation for krb5_chpw_message.
+ */
+
+#include "autoconf.h"
+#include <k5-int.h>
+
+#define kMinInputLength 2
+#define kMaxInputLength 512
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ char *msg;
+ krb5_data data_in;
+ krb5_context context;
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ data_in = make_data((void *)data, size);
+
+ if (krb5_init_context(&context) != 0)
+ return 0;
+
+ if (krb5_chpw_message(context, &data_in, &msg) == 0)
+ free(msg);
+
+ krb5_free_context(context);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_age.bin b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_age.bin Binary files differnew file mode 100644
index 000000000000..cf3ccef4213b
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_age.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_all.bin b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_all.bin Binary files differnew file mode 100644
index 000000000000..77f9336fd553
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_all.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_complex.bin b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_complex.bin Binary files differnew file mode 100644
index 000000000000..7e9a56f99a28
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_complex.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_history.bin b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_history.bin Binary files differnew file mode 100644
index 000000000000..5682bd708a99
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_history.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_length.bin b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_length.bin Binary files differnew file mode 100644
index 000000000000..dda723cc1d6c
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_ad_length.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_invalid_utf8.bin b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_invalid_utf8.bin Binary files differnew file mode 100644
index 000000000000..f1f4ef55fdb4
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_invalid_utf8.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_utf8.bin b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_utf8.bin
new file mode 100644
index 000000000000..3a20212ae9cb
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_chpw_seed_corpus/result_utf8.bin
@@ -0,0 +1 @@
+This is a valid string.
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_crypto.c b/crypto/krb5/src/tests/fuzzing/fuzz_crypto.c
new file mode 100644
index 000000000000..2bd52e62979c
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_crypto.c
@@ -0,0 +1,171 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_crypto.c - fuzzing harness for general crypto */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "autoconf.h"
+#include <k5-int.h>
+#include <crypto_int.h>
+
+#define kMinInputLength 2
+#define kMaxInputLength 512
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static void
+fuzz_checksum(krb5_cksumtype sumtype, krb5_keyblock keyblock,
+ krb5_keyusage usage, krb5_data data)
+{
+ krb5_error_code ret;
+ krb5_checksum cksum;
+ krb5_boolean valid;
+
+ ret = krb5_c_make_checksum(NULL, sumtype, &keyblock, usage, &data, &cksum);
+ if (ret)
+ return;
+
+ ret = krb5_c_verify_checksum(NULL, &keyblock, usage, &data, &cksum,
+ &valid);
+ if (ret || !valid)
+ abort();
+
+ krb5_free_checksum_contents(NULL, &cksum);
+}
+
+static void
+fuzz_crypt(krb5_keyblock keyblock, krb5_enctype enctype,
+ krb5_keyusage usage, krb5_data data)
+{
+ krb5_error_code ret;
+ krb5_enc_data encoded = { 0 };
+ krb5_data decoded = empty_data();
+ size_t enclen;
+
+ ret = krb5_c_encrypt_length(NULL, enctype, data.length, &enclen);
+ if (ret)
+ return;
+
+ encoded.magic = KV5M_ENC_DATA;
+ encoded.enctype = enctype;
+
+ ret = alloc_data(&encoded.ciphertext, enclen);
+ if (ret)
+ return;
+
+ ret = alloc_data(&decoded, data.length);
+ if (ret) {
+ krb5_free_data_contents(NULL, &encoded.ciphertext);
+ return;
+ }
+
+ ret = krb5_c_encrypt(NULL, &keyblock, usage, NULL, &data, &encoded);
+ if (ret)
+ goto cleanup;
+
+ ret = krb5_c_decrypt(NULL, &keyblock, usage, NULL, &encoded, &decoded);
+ if (ret)
+ goto cleanup;
+
+ if (memcmp(data.data, decoded.data, data.length) != 0)
+ abort();
+
+cleanup:
+ krb5_free_data_contents(NULL, &encoded.ciphertext);
+ krb5_free_data_contents(NULL, &decoded);
+}
+
+static void
+fuzz_prf(krb5_keyblock keyblock, krb5_enctype enctype, krb5_data data)
+{
+ krb5_error_code ret;
+ krb5_data output;
+ size_t prfsz;
+
+ ret = krb5_c_prf_length(NULL, enctype, &prfsz);
+ if (ret)
+ return;
+
+ ret = alloc_data(&output, prfsz);
+ if (ret)
+ return;
+
+ krb5_c_prf(NULL, &keyblock, &data, &output);
+
+ krb5_free_data_contents(NULL, &output);
+}
+
+static void
+fuzz_setup(krb5_enctype enctype, krb5_cksumtype sumtype,
+ krb5_keyusage usage, krb5_data data)
+{
+ krb5_error_code ret;
+ krb5_keyblock keyblock;
+
+ ret = krb5_c_make_random_key(NULL, enctype, &keyblock);
+ if (ret)
+ return;
+
+ fuzz_checksum(sumtype, keyblock, usage, data);
+ fuzz_crypt(keyblock, enctype, usage, data);
+ fuzz_prf(keyblock, enctype, data);
+
+ krb5_free_keyblock_contents(NULL, &keyblock);
+}
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ krb5_data data_in;
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ data_in = make_data((void *)data, size);
+
+ fuzz_setup(ENCTYPE_DES3_CBC_SHA1, CKSUMTYPE_HMAC_SHA1_DES3, 0, data_in);
+ fuzz_setup(ENCTYPE_ARCFOUR_HMAC, CKSUMTYPE_MD5_HMAC_ARCFOUR, 1, data_in);
+ fuzz_setup(ENCTYPE_ARCFOUR_HMAC, CKSUMTYPE_HMAC_MD5_ARCFOUR, 2, data_in);
+ fuzz_setup(ENCTYPE_ARCFOUR_HMAC_EXP, CKSUMTYPE_RSA_MD4, 3, data_in);
+ fuzz_setup(ENCTYPE_ARCFOUR_HMAC_EXP, CKSUMTYPE_RSA_MD5, 4, data_in);
+ fuzz_setup(ENCTYPE_ARCFOUR_HMAC_EXP, CKSUMTYPE_SHA1, 5, data_in);
+ fuzz_setup(ENCTYPE_AES128_CTS_HMAC_SHA1_96, CKSUMTYPE_HMAC_SHA1_96_AES128,
+ 6, data_in);
+ fuzz_setup(ENCTYPE_AES256_CTS_HMAC_SHA1_96, CKSUMTYPE_HMAC_SHA1_96_AES256,
+ 7, data_in);
+ fuzz_setup(ENCTYPE_CAMELLIA128_CTS_CMAC, CKSUMTYPE_CMAC_CAMELLIA128,
+ 8, data_in);
+ fuzz_setup(ENCTYPE_CAMELLIA256_CTS_CMAC, CKSUMTYPE_CMAC_CAMELLIA256,
+ 9, data_in);
+ fuzz_setup(ENCTYPE_AES128_CTS_HMAC_SHA256_128,
+ CKSUMTYPE_HMAC_SHA256_128_AES128, 10, data_in);
+ fuzz_setup(ENCTYPE_AES256_CTS_HMAC_SHA384_192,
+ CKSUMTYPE_HMAC_SHA384_192_AES256, 11, data_in);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_crypto_seed_corpus/input.bin b/crypto/krb5/src/tests/fuzzing/fuzz_crypto_seed_corpus/input.bin
new file mode 100644
index 000000000000..13f3fcbe0588
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_crypto_seed_corpus/input.bin
@@ -0,0 +1 @@
+brrr
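Review bot: `fuzz_setup` draws its key from `krb5_c_make_random_key()` on every call, so the `abort()` oracles in `fuzz_checksum` and `fuzz_crypt` depend on a value that is not part of the saved input, and a failure may not reproduce when the test case is replayed. Deriving the key deterministically, for example from a fixed byte string or a slice of the fuzz input via `krb5_c_random_to_key()`, would make each run repeatable. A short comment on the two `abort()` calls stating that they are the round-trip oracle, and that `fuzz_crypt` compares only `data.length` bytes, would also help the next reader.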
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_des.c b/crypto/krb5/src/tests/fuzzing/fuzz_des.c
new file mode 100644
index 000000000000..08efb38b2979
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_des.c
@@ -0,0 +1,109 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_des.c - fuzzing harness for DES functions */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "autoconf.h"
+#include <k5-int.h>
+#include <des_int.h>
+
+#include <f_cbc.c>
+
+#define kMinInputLength 32
+#define kMaxInputLength 128
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+uint8_t default_ivec[8] = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };
+
+static void
+fuzz_des(uint8_t *input, mit_des_key_schedule sched)
+{
+ uint8_t encrypt[8], decrypt[8];
+
+ mit_des_cbc_encrypt((const mit_des_cblock *)input,
+ (mit_des_cblock *)encrypt, 8,
+ sched, default_ivec, MIT_DES_ENCRYPT);
+
+ mit_des_cbc_encrypt((const mit_des_cblock *)encrypt,
+ (mit_des_cblock *)decrypt, 8,
+ sched, default_ivec, MIT_DES_DECRYPT);
+
+ if (memcmp(input, decrypt, 8) != 0)
+ abort();
+}
+
+static void
+fuzz_decrypt(uint8_t *input, mit_des_key_schedule sched)
+{
+ uint8_t output[8];
+
+ mit_des_cbc_encrypt((const mit_des_cblock *)input,
+ (mit_des_cblock *)output, 8,
+ sched, default_ivec, MIT_DES_DECRYPT);
+}
+
+static void
+fuzz_cksum(uint8_t *input, mit_des_key_schedule sched)
+{
+ uint8_t output[8];
+
+ mit_des_cbc_cksum(input, output, 8, sched, default_ivec);
+}
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ krb5_error_code ret;
+ mit_des_key_schedule sched;
+ uint8_t *data_in, input[8];
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ memcpy(input, data, 8);
+ ret = mit_des_key_sched(input, sched);
+ if (ret)
+ return 0;
+
+ memcpy(input, data + 8, 8);
+ fuzz_des(input, sched);
+
+ memcpy(input, data + 16, 8);
+ fuzz_decrypt(input, sched);
+
+ data_in = k5memdup(data + 24, size - 24, &ret);
+ if (ret)
+ return 0;
+
+ fuzz_cksum(data_in, sched);
+ free(data_in);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_des_seed_corpus/input.bin b/crypto/krb5/src/tests/fuzzing/fuzz_des_seed_corpus/input.bin
new file mode 100644
index 000000000000..6607c59ab3b3
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_des_seed_corpus/input.bin
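Review bot: The first eight input bytes go straight to `mit_des_key_sched(input, sched)` in LLVMFuzzerTestOneInput and the harness returns on any nonzero result; if that routine rejects keys with bad parity or weak keys, as the error return suggests, most inputs stop there and never reach the CBC and checksum calls. Normalising parity first, e.g. `mit_des_fixup_key_parity(input);` before the schedule call, would let far more inputs through, assuming that helper is exported by des_int.h in this tree. `default_ivec` could also be declared `static`, since nothing in the hunk uses it outside this file.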
@@ -0,0 +1 @@
+brrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_gss.c b/crypto/krb5/src/tests/fuzzing/fuzz_gss.c
new file mode 100644
index 000000000000..3c65f34fd01f
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_gss.c
@@ -0,0 +1,73 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_gss.c */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Fuzzing harness implementation for gss_accept_sec_context.
+ */
+
+#include "autoconf.h"
+#include <krb5.h>
+#include <gssapi.h>
+#include <string.h>
+
+#define kMinInputLength 2
+#define kMaxInputLength 1024
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ gss_OID doid;
+ OM_uint32 minor, ret_flags, time_rec;
+ gss_name_t client = GSS_C_NO_NAME;
+ gss_ctx_id_t context = GSS_C_NO_CONTEXT;
+ gss_cred_id_t deleg_cred = GSS_C_NO_CREDENTIAL;
+ gss_buffer_desc data_in, data_out = GSS_C_EMPTY_BUFFER;
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ data_in.length = size;
+ data_in.value = (void *)data;
+
+ gss_accept_sec_context(&minor, &context, GSS_C_NO_CREDENTIAL,
+ &data_in, GSS_C_NO_CHANNEL_BINDINGS, &client,
+ &doid, &data_out, &ret_flags, &time_rec,
+ &deleg_cred);
+
+ gss_release_buffer(&minor, &data_out);
+
+ if (context != GSS_C_NO_CONTEXT)
+ gss_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/establish_contexts_ex.bin b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/establish_contexts_ex.bin Binary files differnew file mode 100644
index 000000000000..9e2a8d765a81
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/establish_contexts_ex.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/gss_accept_sec_context_kerberos.bin b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/gss_accept_sec_context_kerberos.bin Binary files differnew file mode 100644
index 000000000000..9bc9afdd7849
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/gss_accept_sec_context_kerberos.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/gss_accept_sec_context_spnego.bin b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/gss_accept_sec_context_spnego.bin Binary files differnew file mode 100644
index 000000000000..a191e0a59f0f
--- /dev/null
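Review bot: `client` and `deleg_cred` are passed to `gss_accept_sec_context()` as output parameters in LLVMFuzzerTestOneInput but are never released, while `data_out` and `context` are; any input that gets far enough for the mechanism to fill them in would leak, and a leak detector would report it against the harness. Adding `gss_release_name(&minor, &client);` and `gss_release_cred(&minor, &deleg_cred);` before the final return closes that gap. Both calls are expected to be harmless when the variables still hold their GSS_C_NO_NAME and GSS_C_NO_CREDENTIAL initial values.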
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/gss_accept_sec_context_spnego.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/realm_query.bin b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/realm_query.bin Binary files differnew file mode 100644
index 000000000000..2178d65a04b6
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/realm_query.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/start_accept_context.bin b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/start_accept_context.bin Binary files differnew file mode 100644
index 000000000000..980b6484d3dc
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_gss_seed_corpus/start_accept_context.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_json.c b/crypto/krb5/src/tests/fuzzing/fuzz_json.c
new file mode 100644
index 000000000000..a3440eaef1ca
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_json.c
@@ -0,0 +1,74 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_json.c */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Fuzzing harness implementation for k5_json_decode.
+ */
+
+#include "autoconf.h"
+#include <k5-int.h>
+#include <krb5.h>
+#include <k5-json.h>
+#include <string.h>
+
+#define kMinInputLength 2
+#define kMaxInputLength 1024
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ krb5_error_code ret;
+ k5_json_value decoded = NULL;
+ char *data_in = NULL, *data_out;
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ data_in = k5memdup0(data, size, &ret);
+ if (data_in == NULL)
+ return 0;
+
+ ret = k5_json_decode(data_in, &decoded);
+ if (ret)
+ goto cleanup;
+
+ ret = k5_json_encode(decoded, &data_out);
+ if (!ret)
+ free(data_out);
+
+cleanup:
+ free(data_in);
+ k5_json_release(decoded);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_1.json b/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_1.json
new file mode 100644
index 000000000000..ece1b849b581
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_1.json
@@ -0,0 +1 @@
+ "foo\"bar"
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_2.json b/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_2.json
new file mode 100644
index 000000000000..f0bd59cb5491
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_2.json
@@ -0,0 +1 @@
+{ "k1" : { "k2" : "s2", "k3" : "s3" }, "k4" : "s4" }
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_3.json b/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_3.json
new file mode 100644
index 000000000000..9c4eec71eb1e
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_json_seed_corpus/seed_3.json
@@ -0,0 +1 @@
+ [ -1 ]
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_kdc.c b/crypto/krb5/src/tests/fuzzing/fuzz_kdc.c
new file mode 100644
index 000000000000..59457e282c96
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_kdc.c
@@ -0,0 +1,72 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_kdc.c - fuzzing harness for KDC replay cache */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "autoconf.h"
+
+#include <replay.c>
+
+#define kMinInputLength 2
+#define kMaxInputLength 256
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ krb5_error_code ret;
+ krb5_context context = NULL;
+ krb5_data req, rep;
+ struct entry *e;
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ return 0;
+
+ ret = kdc_init_lookaside(context);
+ if (ret)
+ goto cleanup;
+
+ req = make_data((void *)data, size);
+ rep = make_data((void *)data, size - 1);
+
+ e = insert_entry(context, &req, &rep, 0);
+ discard_entry(context, e);
+
+ kdc_free_lookaside(context);
+
+cleanup:
+ krb5_free_context(context);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_kdc_seed_corpus/input.bin b/crypto/krb5/src/tests/fuzzing/fuzz_kdc_seed_corpus/input.bin
new file mode 100644
index 000000000000..6605099dcbba
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_kdc_seed_corpus/input.bin
@@ -0,0 +1 @@
+I Had Strings, But now i'm free.
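Review bot: The pointer returned by `insert_entry()` is passed to `discard_entry(context, e)` without a check; if insert_entry can return NULL when an allocation fails (its definition comes from the included replay.c and is not in this hunk), the harness itself would dereference NULL under memory pressure. Guarding the call as `if (e != NULL) discard_entry(context, e);` keeps such a report from being attributed to the lookaside code. The `size - 1` length used for `rep` is safe only because of the `kMinInputLength` check above it, which deserves a one-line comment.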
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krad.c b/crypto/krb5/src/tests/fuzzing/fuzz_krad.c
new file mode 100644
index 000000000000..dbafbf164fb9
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krad.c
@@ -0,0 +1,93 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_krad.c */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Fuzzing harness implementation for krad_packet_decode_response,
+ * krad_packet_decode_request.
+ */
+
+#include "autoconf.h"
+#include <k5-int.h>
+#include <krad.h>
+
+#define kMinInputLength 2
+#define kMaxInputLength 1024
+
+static krad_packet *packets[3];
+
+static const krad_packet *
+iterator(void *data, krb5_boolean cancel)
+{
+ krad_packet *tmp;
+ int *i = data;
+
+ if (cancel || packets[*i] == NULL)
+ return NULL;
+
+ tmp = packets[*i];
+ *i += 1;
+ return tmp;
+}
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ int i;
+ krb5_context ctx;
+ krb5_data data_in;
+ const char *secret = "f";
+ const krad_packet *req_1 = NULL, *req_2 = NULL;
+ krad_packet *rsp_1 = NULL, *rsp_2 = NULL;
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ if (krb5_init_context(&ctx) != 0)
+ return 0;
+
+ data_in = make_data((void *)data, size);
+
+ i = 0;
+ krad_packet_decode_response(ctx, secret, &data_in, iterator, &i,
+ &req_1, &rsp_1);
+
+ i = 0;
+ krad_packet_decode_request(ctx, secret, &data_in, iterator, &i,
+ &req_2, &rsp_2);
+
+ krad_packet_free(rsp_1);
+ krad_packet_free(rsp_2);
+ krb5_free_context(ctx);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krad_seed_corpus/do_auth_1.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krad_seed_corpus/do_auth_1.bin Binary files differnew file mode 100644
index 000000000000..02eb9a1cb5e6
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krad_seed_corpus/do_auth_1.bin
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb.c b/crypto/krb5/src/tests/fuzzing/fuzz_krb.c
new file mode 100644
index 000000000000..61f16765db58
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb.c
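Review bot: `packets` is a zero-initialised static array that nothing in this file fills, so `iterator` returns NULL on its first call and both decoders always run against an empty request list; the request-matching and duplicate-detection paths are presumably never reached. Either populate `packets` with one or two requests built once at start-up, or add a comment on the array saying that the empty list is intentional. If the array is ever filled completely, `iterator` also needs a bound on `*i`, because it stops only when it meets a NULL slot.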
@@ -0,0 +1,170 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/krb.c - fuzzing harness for miscellaneous libkrb5 functions */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "autoconf.h" +#include <k5-int.h> + +#define kMinInputLength 2 +#define kMaxInputLength 512 + +#define ANAME_SZ 40 +#define INST_SZ 40 +#define REALM_SZ 40 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static void +fuzz_deltat(char *data_in) +{ + krb5_deltat result; + krb5_string_to_deltat(data_in, &result); +} + +static void +fuzz_host_string(char *data_in) +{ + krb5_error_code ret; + char *host; + int port = -1; + + ret = k5_parse_host_string(data_in, 0, &host, &port); + if (!ret) + free(host); +} + +static void +fuzz_princ(krb5_context context, char *data_in) +{ + krb5_error_code ret; + krb5_principal p; + char *princ; + + ret = krb5_parse_name(context, data_in, &p); + if (ret) + return; + + ret = krb5_unparse_name(context, p, &princ); + if (!ret) + free(princ); + + krb5_free_principal(context, p); +} + +static void +fuzz_principal_425(krb5_context context, char *data_in) +{ + krb5_principal princ; + krb5_425_conv_principal(context, data_in, data_in, data_in, &princ); + krb5_free_principal(context, princ); +} + +static void +fuzz_principal_524(krb5_context context, char *data_in) +{ + krb5_error_code ret; + krb5_principal princ = 0; + char aname[ANAME_SZ + 1], inst[INST_SZ + 1], realm[REALM_SZ + 1]; + + aname[ANAME_SZ] = inst[INST_SZ] = realm[REALM_SZ] = 0; + + ret = krb5_parse_name(context, data_in, &princ); + if (ret) + return; + + krb5_524_conv_principal(context, princ, aname, inst, realm); + krb5_free_principal(context, princ); +} + +static void +fuzz_timestamp(char *data_in) +{ + krb5_error_code ret; + krb5_timestamp timestamp; + + ret = krb5_string_to_timestamp(data_in, ×tamp); + if (!ret) + ts2tt(timestamp); +} + +/* + * data_in is going to be modified during parsing. 
+ */ +static void +fuzz_enctype_list(char *data_in) +{ + krb5_error_code ret; + krb5_context context; + krb5_enctype *ienc, zero = 0; + + ret = krb5_init_context(&context); + if (ret) + return; + + ret = krb5int_parse_enctype_list(context, "", data_in, &zero, &ienc); + if (!ret) + free(ienc); + + krb5_free_context(context); +} + +extern int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_context context = NULL; + char *data_in; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + ret = krb5_init_context(&context); + if (ret) + return 0; + + data_in = k5memdup0(data, size, &ret); + if (ret) + goto cleanup; + + fuzz_deltat(data_in); + fuzz_host_string(data_in); + fuzz_princ(context, data_in); + fuzz_principal_425(context, data_in); + fuzz_principal_524(context, data_in); + fuzz_timestamp(data_in); + fuzz_enctype_list(data_in); + + free(data_in); + +cleanup: + krb5_free_context(context); + + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket.c b/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket.c new file mode 100644 index 000000000000..0b541f444c61 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket.c 
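Review bot: `fuzz_principal_425()` declares `krb5_principal princ;` without an initialiser, ignores the result of `krb5_425_conv_principal()` and then hands `princ` to `krb5_free_principal()`. Unless the callee always stores to its output on failure (not visible here), this frees an indeterminate pointer and the fuzzer will report a harness bug instead of a library bug. Initialise it the way `fuzz_principal_524()` does, `krb5_principal princ = NULL;`, or free only when the call returns 0. The same pattern of releasing an uninitialised output regardless of the call's result appears in the fuzz_marshal_cred.c (`cred`), fuzz_marshal_princ.c (`princ`), fuzz_ndr.c (`di`) and fuzz_oid.c (`buf`, `oid`) hunks. There, an explicit initialiser or a one-line comment stating the callee's contract would make the cleanup safe to read in isolation.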
@@ -0,0 +1,85 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_krb5_ticket.c */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Fuzzing harness implementation for krb5_decode_ticket. 
+ */ + +#include "autoconf.h" +#include <k5-int.h> +#include <krb5.h> +#include <string.h> + +#define kMinInputLength 2 +#define kMaxInputLength 2048 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_context context = NULL; + krb5_keytab defkt = NULL; + krb5_data data_in, *data_out; + krb5_ticket *ticket = NULL; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + data_in = make_data((void *)data, size); + + ret = krb5_init_context(&context); + if (ret) + return 0; + + ret = krb5_kt_default(context, &defkt); + if (ret) + goto cleanup; + + ret = krb5_decode_ticket(&data_in, &ticket); + if (ret) + goto cleanup; + + ret = encode_krb5_ticket(ticket, &data_out); + if (!ret) + krb5_free_data(context, data_out); + + krb5_server_decrypt_ticket_keytab(context, defkt, ticket); + +cleanup: + krb5_free_ticket(context, ticket); + if (defkt != NULL) + krb5_kt_close(context, defkt); + krb5_free_context(context); + + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket_seed_corpus/gcred.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket_seed_corpus/gcred.bin Binary files differnew file mode 100644 index 000000000000..645576f0014b --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket_seed_corpus/gcred.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket_seed_corpus/s4u2proxy.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket_seed_corpus/s4u2proxy.bin Binary files differnew file mode 100644 index 000000000000..19877645ffa7 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb5_ticket_seed_corpus/s4u2proxy.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/deltat.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/deltat.bin new file mode 100644 index 000000000000..eaca6be22cc5 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/deltat.bin 
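Review bot: `krb5_kt_default()` resolves whatever keytab the host environment designates, so `krb5_server_decrypt_ticket_keytab()` runs against machine state rather than a fixture. Results then differ between hosts, and on a machine with a real keytab the harness touches long-term service keys while processing arbitrary input. If no matching key is present, the decrypt path presumably stops at key lookup and the decryption code is never exercised. Consider a harness-owned keytab instead, e.g. `ret = krb5_kt_resolve(context, "MEMORY:fuzz_ticket", &defkt);` (name constructed for illustration) populated with a fixed test key, or at least add `/* Uses the host's default keytab; run only in an isolated environment. */` above the call. `<string.h>` is included but nothing in the hunk appears to need it.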
@@ -0,0 +1 @@
+-35791394m-9s
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_1.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_1.bin
new file mode 100644
index 000000000000..47fb41b9bfe5
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_1.bin
@@ -0,0 +1 @@
+default -aes128-cts -des-hmac-sha1
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_2.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_2.bin
new file mode 100644
index 000000000000..8c5071abdf53
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_2.bin
@@ -0,0 +1 @@
+aes des3-cbc-sha1-kd
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_3.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_3.bin
new file mode 100644
index 000000000000..ac635ee6a3b3
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_3.bin
@@ -0,0 +1 @@
+camellia -camellia256-cts-cmac
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_4.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_4.bin
new file mode 100644
index 000000000000..4ddee4c5304a
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_4.bin
@@ -0,0 +1 @@
+DEFAULT +aes -arcfour-hmac-md5
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_5.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_5.bin
new file mode 100644
index 000000000000..5892bca7f482
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_5.bin
@@ -0,0 +1 @@
+DEFAULT -des3 rc4-hmac rc4-hmac-exp
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_6.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_6.bin
new file mode 100644
index 000000000000..6501ba6fef23
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_6.bin
@@ -0,0 +1 @@
+des3 +DEFAULT
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_7.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_7.bin
new file mode 100644
index 000000000000..09d89bf33e3c
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/enctype_7.bin
@@ -0,0 +1 @@
+aes +rc4 -DEFaulT des3-hmac-sha1
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_11.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_11.bin
new file mode 100644
index 000000000000..6a1a02e57042
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_11.bin
@@ -0,0 +1 @@
+70000
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_12.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_12.bin
new file mode 100644
index 000000000000..fe9049d24605
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_12.bin
@@ -0,0 +1 @@
+test.example:F101
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_2.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_2.bin
new file mode 100644
index 000000000000..3fc5c1775c10
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_2.bin
@@ -0,0 +1 @@
+192.168.1.1
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_4.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_4.bin
new file mode 100644
index 000000000000..9ca257a84aae
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_4.bin
@@ -0,0 +1 @@
+[BEEF:CAFE:FEED:FACE:DEAD:BEEF:DEAF:BABE]
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_5.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_5.bin
new file mode 100644
index 000000000000..3081d9b01a61
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_5.bin
@@ -0,0 +1 @@
+[BEEF:CAFE:FEED:FACE:DEAD:BEEF:DEAF:BABE]:250
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_8.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_8.bin
new file mode 100644
index 000000000000..4fef47ce34b1
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_8.bin
@@ -0,0 +1 @@
+:300
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_9.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_9.bin
new file mode 100644
index 000000000000..0dbf139f8d1a
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/host_string_9.bin
@@ -0,0 +1 @@
+350
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/parse_name.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/parse_name.bin
new file mode 100644
index 000000000000..2cfb7c29b5dc
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/parse_name.bin
@@ -0,0 +1 @@
+lha@SU.SE
\ No newline at end of file
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/principal_425_name.bin b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/principal_425_name.bin
new file mode 100644
index 000000000000..1f0e72453f70
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_krb_seed_corpus/principal_425_name.bin
@@ -0,0 +1 @@
+kadmin
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred.c b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred.c new file mode 100644 index 000000000000..07b130a839bb --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred.c 
@@ -0,0 +1,69 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_marshal_cred.c */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Fuzzing harness implementation for k5_unmarshal_cred. 
+ */ + +#include "autoconf.h" +#include <cc-int.h> + +#define FIRST_VERSION 1 + +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_creds cred; + int version; + struct k5buf buf; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + for (version = FIRST_VERSION; version <= 4; version++) { + ret = k5_unmarshal_cred(data, size, version, &cred); + if (!ret) { + k5_buf_init_dynamic(&buf); + k5_marshal_cred(&buf, version, &cred); + k5_buf_free(&buf); + } + + krb5_free_cred_contents(NULL, &cred); + } + + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_1.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_1.bin Binary files differnew file mode 100644 index 000000000000..829e71fdc28c --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_1.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_2.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_2.bin Binary files differnew file mode 100644 index 000000000000..194215ee37a2 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_2.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_4.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_4.bin Binary files differnew file mode 100644 index 000000000000..2c9a95cfdb8f --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_1_input_4.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_1.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_1.bin Binary files differnew file mode 100644 index 000000000000..f2c350d7b68d 
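Review bot: The loop's upper bound is the bare literal `4` while its lower bound is the named `FIRST_VERSION`, so the version range is split between a macro and a magic number. Adding `#define LAST_VERSION 4` and writing `version <= LAST_VERSION` keeps the range in one place; the loop in the fuzz_marshal_princ.c hunk has the same shape and would take the same change. A short comment above the loop, such as `/* Try every supported marshalling version on the same input. */`, would also state why one input is decoded several times.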
--- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_1.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_2.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_2.bin Binary files differnew file mode 100644 index 000000000000..7e4a9da1531c --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_2.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_4.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_4.bin Binary files differnew file mode 100644 index 000000000000..e1fc4dfbbcd2 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_cred_seed_corpus/cred_2_input_4.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ.c b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ.c new file mode 100644 index 000000000000..b41fd626944d --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ.c 
@@ -0,0 +1,69 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_marshal_princ.c */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Fuzzing harness implementation for k5_unmarshal_princ. 
+ */ + +#include "autoconf.h" +#include <cc-int.h> + +#define FIRST_VERSION 1 + +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_principal princ; + int version; + struct k5buf buf; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + for (version = FIRST_VERSION; version <= 4; version++) { + ret = k5_unmarshal_princ(data, size, version, &princ); + if (!ret) { + k5_buf_init_dynamic(&buf); + k5_marshal_princ(&buf, version, princ); + k5_buf_free(&buf); + } + + krb5_free_principal(NULL, princ); + } + + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_1.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_1.bin Binary files differnew file mode 100644 index 000000000000..f6f1af038e1d --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_1.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_2.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_2.bin Binary files differnew file mode 100644 index 000000000000..fb55f77d05fe --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_2.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_4.bin b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_4.bin Binary files differnew file mode 100644 index 000000000000..0259f34c7523 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_marshal_princ_seed_corpus/princ_input_4.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_ndr.c b/crypto/krb5/src/tests/fuzzing/fuzz_ndr.c new file mode 100644 index 000000000000..7692bace72e2 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_ndr.c 
@@ -0,0 +1,67 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_ndr.c */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Fuzzing harness implementation for ndr_dec_delegation_info. 
+ */ + +#include "autoconf.h" +#include <k5-int.h> +#include <kdc_util.h> + +#include <ndr.c> + +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_data data_in, data_out = empty_data(); + struct pac_s4u_delegation_info *di; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + data_in = make_data((void *)data, size); + + ret = ndr_dec_delegation_info(&data_in, &di); + if (!ret) + (void)ndr_enc_delegation_info(di, &data_out); + + ndr_free_delegation_info(di); + krb5_free_data_contents(NULL, &data_out); + + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_ndr_seed_corpus/s4u_di_double.bin b/crypto/krb5/src/tests/fuzzing/fuzz_ndr_seed_corpus/s4u_di_double.bin Binary files differnew file mode 100644 index 000000000000..9c0e718f0d82 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_ndr_seed_corpus/s4u_di_double.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_ndr_seed_corpus/s4u_di_long.bin b/crypto/krb5/src/tests/fuzzing/fuzz_ndr_seed_corpus/s4u_di_long.bin Binary files differnew file mode 100644 index 000000000000..444bc46ba6d6 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_ndr_seed_corpus/s4u_di_long.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_oid.c b/crypto/krb5/src/tests/fuzzing/fuzz_oid.c new file mode 100644 index 000000000000..d397d4861087 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_oid.c 
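Review bot: `#include <ndr.c>` pulls an entire source file into the harness without saying why, so a reader cannot tell whether it is there to reach file-local symbols or to avoid linking other objects. Add a comment above it, for example `/* Include the NDR source directly; the harness is presumably not linked against the objects that normally provide it. */`, adjusted to the actual reason. It is also worth noting there that every file-scope name in ndr.c now shares this translation unit, so harness identifiers must not collide with them.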
@@ -0,0 +1,65 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_oid.c - fuzzing harness for GSS OID conversions */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "autoconf.h" +#include <k5-int.h> +#include <gssapi/gssapi_krb5.h> + +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + OM_uint32 minor; + gss_buffer_desc buf; + gss_OID oid; + gss_OID_desc oid_desc; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + oid_desc.elements = (void *)data; + oid_desc.length = size; + + gss_oid_to_str(&minor, &oid_desc, &buf); + gss_release_buffer(&minor, &buf); + + buf.value = (void *)data; + buf.length = size; + + gss_str_to_oid(&minor, &buf, &oid); + gss_release_oid(&minor, &oid); + + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_19.bin b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_19.bin new file mode 100644 index 000000000000..16e0e90df089 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_19.bin @@ -0,0 +1 @@ +
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_20.bin b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_20.bin Binary files differnew file mode 100644 index 000000000000..8b040ead36e9 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_20.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_21.bin b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_21.bin Binary files differnew file mode 100644 index 000000000000..6b58abecd6cd --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_21.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_22.bin b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_22.bin Binary files differnew file mode 100644 index 000000000000..09f370e38f49 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_22.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_24.bin b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_24.bin Binary files differnew file mode 100644 index 000000000000..8fdfd1779b7e --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_24.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_8.bin b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_8.bin new file mode 100644 index 000000000000..091299428a98 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_oid_seed_corpus/oid_8.bin @@ -0,0 +1 @@ +*†H†÷
\ No newline at end of file diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_pac.c b/crypto/krb5/src/tests/fuzzing/fuzz_pac.c new file mode 100644 index 000000000000..38488420eb67 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_pac.c 
@@ -0,0 +1,93 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* tests/fuzzing/fuzz_pac.c */ +/* + * Copyright (C) 2024 by Arjun. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Fuzzing harness implementation for krb5_pac_parse. 
+ */ + +#include "autoconf.h" +#include <k5-int.h> + +#define U(x) (uint8_t *)x +#define kMinInputLength 2 +#define kMaxInputLength 1024 + +static const krb5_keyblock kdc_keyblock = { + 0, ENCTYPE_ARCFOUR_HMAC, + 16, U("\xB2\x86\x75\x71\x48\xAF\x7F\xD2\x52\xC5\x36\x03\xA1\x50\xB7\xE7") +}; + +static const krb5_keyblock member_keyblock = { + 0, ENCTYPE_ARCFOUR_HMAC, + 16, U("\xD2\x17\xFA\xEA\xE5\xE6\xB5\xF9\x5C\xCC\x94\x07\x7A\xB8\xA5\xFC") +}; + +static time_t authtime = 1120440609; +static const char *user = "w2003final$@WIN2K3.THINKER.LOCAL"; + +extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + krb5_error_code ret; + krb5_context context = NULL; + krb5_pac pac; + krb5_principal princ = NULL; + + if (size < kMinInputLength || size > kMaxInputLength) + return 0; + + ret = krb5_init_context(&context); + if (ret) + return 0; + + ret = krb5_parse_name(context, user, &princ); + if (ret) + goto cleanup; + + ret = krb5_pac_parse(context, data, size, &pac); + if (ret) + goto cleanup; + + krb5_pac_verify(context, pac, authtime, princ, NULL, NULL); + krb5_pac_verify_ext(context, pac, authtime, princ, NULL, NULL, TRUE); + krb5_pac_verify(context, pac, authtime, princ, &member_keyblock, + &kdc_keyblock); + + krb5_pac_free(context, pac); + +cleanup: + krb5_free_principal(context, princ); + krb5_free_context(context); + + return 0; +} diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_pac_seed_corpus/s4u_pac_regular.bin b/crypto/krb5/src/tests/fuzzing/fuzz_pac_seed_corpus/s4u_pac_regular.bin Binary files differnew file mode 100644 index 000000000000..c16319417396 --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_pac_seed_corpus/s4u_pac_regular.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_pac_seed_corpus/saved_pac.bin b/crypto/krb5/src/tests/fuzzing/fuzz_pac_seed_corpus/saved_pac.bin Binary files differnew file mode 100644 index 000000000000..6336bef5fb04 --- /dev/null 
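Review bot: The macro `#define U(x) (uint8_t *)x` leaves both the cast and its argument unparenthesised and silently drops `const` from the string literals it is applied to; `#define U(x) ((uint8_t *)(x))` is the safer spelling. The two ARCFOUR keyblocks, `authtime` and `user` are unexplained constants. A comment such as `/* Fixed test key material, auth time and principal used as fixtures for verification. */` would make clear they are test vectors, not deployment secrets; if they are meant to match a PAC in the seed corpus, say which one. `authtime` is never modified in the hunk and could be declared `static const`.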
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_pac_seed_corpus/saved_pac.bin diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile.c b/crypto/krb5/src/tests/fuzzing/fuzz_profile.c new file mode 100644 index 000000000000..e62decf7b79d --- /dev/null +++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile.c 
@@ -0,0 +1,87 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_profile.c */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Fuzzing harness implementation for profile_parse_file.
+ */
+
+#include "autoconf.h"
+#include <prof_int.h>
+
+void dump_profile(struct profile_node *root, int level);
+
+#define kMinInputLength 2
+#define kMaxInputLength 1024
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ errcode_t ret;
+ FILE *fp_w, *fp_r;
+ char file_name[256], *output;
+ struct profile_node *root;
+
+ if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ snprintf(file_name, sizeof(file_name), "/tmp/libfuzzer.%d", getpid());
+
+ /* Write data into the file. */
+ fp_w = fopen(file_name, "w");
+ if (!fp_w)
+ return 1;
+ fwrite(data, 1, size, fp_w);
+ fclose(fp_w);
+
+ /* Provide the file pointer to the parser. */
+ fp_r = fopen(file_name, "r");
+ if (!fp_r)
+ return 1;
+
+ initialize_prof_error_table();
+
+ ret = profile_parse_file(fp_r, &root, NULL);
+ if (!ret) {
+ ret = profile_write_tree_to_buffer(root, &output);
+ if (!ret)
+ free(output);
+
+ profile_verify_node(root);
+ profile_free_node(root);
+ }
+
+ fclose(fp_r);
+ unlink(file_name);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final2.ini b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final2.ini new file mode 100644
index 000000000000..827ec25dcad6
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final2.ini
@@ -0,0 +1,5 @@
+# In this variant the relation is marked final.
+[section]
+ subsection = {
+ key* = value2
+ }
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final3.ini b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final3.ini new file mode 100644
index 000000000000..dcf0ca96a82f
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final3.ini
@@ -0,0 +1,6 @@
+# In this variant the subsection is marked final via a '*' at the end
+# of the tag name.
+[section]
+ subsection* = {
+ key = value3
+ }
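Review bot: Both `return 1;` paths in fuzz_profile.c's LLVMFuzzerTestOneInput hand libFuzzer a value it reserves (only 0 and -1 are defined), and the second one, taken when `fopen(file_name, "r")` fails, leaves the temp file behind; each should be `return 0;`, with `unlink(file_name);` before the second. The path `/tmp/libfuzzer.%d` is predictable and is opened with `fopen(file_name, "w")`, which follows a pre-existing symlink, so on a shared host creating it with `mkstemp()` is safer; where the platform has it, `fmemopen((void *)data, size, "r")` would avoid the filesystem entirely (assuming profile_parse_file only needs stdio reads, which is not visible here). The `fwrite` result is also unchecked, so a short write would be parsed as if it were the full input.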
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final4.ini b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final4.ini new file mode 100644
index 000000000000..dcba07845994
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final4.ini
@@ -0,0 +1,6 @@
+# In this variant the subsection is marked final via a '*' after the
+# closing brace.
+[section]
+ subsection = {
+ key = value4
+ }*
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final5.ini b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final5.ini new file mode 100644
index 000000000000..58cd57d3fc3e
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/final5.ini
@@ -0,0 +1,5 @@
+# In this variant the top-level section is marked final.
+[section]*
+ subsection = {
+ key = value5
+ }
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/modtest.conf b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/modtest.conf new file mode 100644
index 000000000000..7ef0971d6d19
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/modtest.conf
@@ -0,0 +1 @@
+module /home/dark/Desktop/krb5/src/util/profile/testmod/proftest.so-nobuild:teststring
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/test3.ini b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/test3.ini new file mode 100644
index 000000000000..97f524a95a8c
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/test3.ini
@@ -0,0 +1,3 @@
+[section]
+ var = value
+
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/testinc.ini b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/testinc.ini new file mode 100644
index 000000000000..31136f3692ac
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/testinc.ini
@@ -0,0 +1,6 @@
+[sec1]
+var = {
+a = 1
+include testinc2.ini
+c = 3
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/testinc2.ini b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/testinc2.ini new file mode 100644
index 000000000000..35ea95fa5576
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_profile_seed_corpus/testinc2.ini
@@ -0,0 +1,2 @@
+[sec2]
+b = 2
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_util.c b/crypto/krb5/src/tests/fuzzing/fuzz_util.c new file mode 100644
index 000000000000..91641ad1cb53
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_util.c
@@ -0,0 +1,159 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/fuzzing/fuzz_util.c */
+/*
+ * Copyright (C) 2024 by Arjun. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Fuzzing harness implementation for k5_base64_decode, k5_hex_decode
+ * krb5_parse_name and k5_parse_host_string.
+ */
+
+#include "autoconf.h"
+#include <k5-int.h>
+#include <k5-base64.h>
+#include <k5-hex.h>
+#include <string.h>
+#include <k5-utf8.h>
+
+#include <hashtab.c>
+
+#define kMinInputLength 2
+#define kMaxInputLength 256
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static void
+fuzz_base64(const char *data_in, size_t size)
+{
+ size_t len;
+
+ free(k5_base64_encode(data_in, size));
+ free(k5_base64_decode(data_in, &len));
+}
+
+static void
+fuzz_hashtab(const char *data_in, size_t size)
+{
+ int st;
+ struct k5_hashtab *ht;
+
+ k5_hashtab_create(NULL, 4, &ht);
+ if (ht == NULL)
+ return;
+
+ k5_hashtab_add(ht, data_in, size, &st);
+
+ k5_hashtab_free(ht);
+}
+
+static void
+fuzz_hex(const char *data_in, size_t size)
+{
+ char *hex;
+ uint8_t *bytes;
+ size_t len;
+
+ if (k5_hex_encode(data_in, size, 0, &hex) == 0)
+ free(hex);
+
+ if (k5_hex_encode(data_in, size, 1, &hex) == 0)
+ free(hex);
+
+ if (k5_hex_decode(data_in, &bytes, &len) == 0)
+ free(bytes);
+}
+
+static void
+fuzz_name(const char *data_in, size_t size)
+{
+ krb5_context context;
+ krb5_principal fuzzing;
+
+ if (krb5_init_context(&context) != 0)
+ return;
+
+ krb5_parse_name(context, data_in, &fuzzing);
+
+ krb5_free_principal(context, fuzzing);
+ krb5_free_context(context);
+}
+
+static void
+fuzz_parse_host(const char *data_in, size_t size)
+{
+ char *host_out = NULL;
+ int port_out = -1;
+
+ if (k5_parse_host_string(data_in, 1, &host_out, &port_out) == 0)
+ free(host_out);
+}
+
+static void
+fuzz_utf8(const char *data_in, size_t size)
+{
+ krb5_ucs4 u = 0;
+ char *utf8;
+ uint8_t *utf16;
+ size_t utf16len;
+
+ krb5int_utf8_to_ucs4(data_in, &u);
+
+ k5_utf8_to_utf16le(data_in, &utf16, &utf16len);
+ if (utf16 != NULL)
+ free(utf16);
+
+ k5_utf16le_to_utf8((const uint8_t *)data_in, size, &utf8);
+ if (utf8 != NULL)
+ free(utf8);
+}
+
+extern int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+ krb5_error_code ret;
+ char *data_in;
+
+ if (size <
kMinInputLength || size > kMaxInputLength)
+ return 0;
+
+ data_in = k5memdup0(data, size, &ret);
+ if (data_in == NULL)
+ return 0;
+
+ fuzz_base64(data_in, size);
+ fuzz_hashtab(data_in, size);
+ fuzz_hex(data_in, size);
+ fuzz_name(data_in, size);
+ fuzz_parse_host(data_in, size);
+ fuzz_utf8(data_in, size);
+
+ free(data_in);
+
+ return 0;
+}
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/base64.txt b/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/base64.txt new file mode 100644
index 000000000000..68c422c56277
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/base64.txt
@@ -0,0 +1 @@
+YWJjOmRlZg==
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/hax.txt b/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/hax.txt new file mode 100644
index 000000000000..c747d34aa6d4
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/hax.txt
@@ -0,0 +1 @@
+3031323334353637
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/host.txt b/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/host.txt new file mode 100644
index 000000000000..b3968327c673
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/host.txt
@@ -0,0 +1 @@
+test.example:75
diff --git a/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/name.txt b/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/name.txt new file mode 100644
index 000000000000..db95221bdc9f
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/fuzz_util_seed_corpus/name.txt
@@ -0,0 +1 @@
+/b@R
diff --git a/crypto/krb5/src/tests/fuzzing/oss-fuzz.sh b/crypto/krb5/src/tests/fuzzing/oss-fuzz.sh new file mode 100644
index 000000000000..b01d4bcbd22a
--- /dev/null
+++ b/crypto/krb5/src/tests/fuzzing/oss-fuzz.sh
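Review bot: Several helpers in fuzz_util.c free or NULL-test an output pointer that is never initialized and whose producing call's return value is ignored: `fuzzing` in fuzz_name, `ht` in fuzz_hashtab, and `utf8`/`utf16` in fuzz_utf8. That is only safe if each callee stores NULL in its output on every failure path, which is not visible in this hunk; if one does not, the harness itself reads an indeterminate pointer and the resulting sanitizer report would point at the test rather than the library. Initializing them removes that dependence, e.g. `krb5_principal fuzzing = NULL;`, `struct k5_hashtab *ht = NULL;` and `char *utf8 = NULL; uint8_t *utf16 = NULL;`, which also matches how fuzz_pac.c declares `princ`.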
@@ -0,0 +1,28 @@
+#!/bin/bash -eu
+
+# This script plays the role of build.sh in OSS-Fuzz. If only minor
+# changes are required such as changing the fuzzing targets, a PR in
+# the OSS-Fuzz repository is not needed and they can be done here.
+
+# Compile krb5 for oss-fuzz.
+pushd src/
+autoreconf
+./configure CFLAGS="-fcommon $CFLAGS" CXXFLAGS="-fcommon $CXXFLAGS" \
+ --enable-static --disable-shared --enable-ossfuzz
+make
+popd
+
+# Copy fuzz targets and seed corpus to $OUT.
+pushd src/tests/fuzzing
+
+fuzzers=("fuzz_aes" "fuzz_asn" "fuzz_attrset" "fuzz_chpw" "fuzz_crypto"
+ "fuzz_des" "fuzz_gss" "fuzz_json" "fuzz_kdc" "fuzz_krad" "fuzz_krb"
+ "fuzz_krb5_ticket" "fuzz_marshal_cred" "fuzz_marshal_princ"
+ "fuzz_ndr" "fuzz_oid" "fuzz_pac" "fuzz_profile" "fuzz_util")
+
+for fuzzer in "${fuzzers[@]}"; do
+ cp "$fuzzer" "$OUT/$fuzzer"
+ zip -r "${OUT}/${fuzzer}_seed_corpus.zip" "${fuzzer}_seed_corpus"
+done
+
+popd |
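Review bot: The `-eu` options in oss-fuzz.sh exist only on the `#!/bin/bash -eu` line, so they are lost when the script is run as `bash oss-fuzz.sh` or sourced from another build script. Adding `set -eu` right after the shebang keeps the fail-fast behaviour either way, so a failed `configure` or `make` cannot be followed by the copy loop publishing stale binaries to `$OUT`. The `fuzzers` array also repeats the FUZZ_TARGETS list from Makefile.in by hand; a comment such as `# Keep in sync with FUZZ_TARGETS in Makefile.in.` above it would make it harder for a new harness to be built but never shipped.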