Patent attributes
The present invention relates to the technical field of computer software analysis and discloses an RFC-directed differential testing method of certificate validations in a SSL/TLS implementations which includes: extracting rules from RFC and updating the rules, classifying the rules, further classifying consumer rules and shared rules into breakable rules and unbreakable rules, expressing the rules as variables, and generating a symbolic program; generating low-level test cases by applying the dynamic symbolic execution technique to the symbolic program; assembling high-level test cases i.e. digital certificates according to the low-level test cases; and employing the assembled digital certificates to the differential testing of the certificate validation in SSL/TLS implementations.
