SADT

Abstract

The security assurance of SSL/TLS critically depends on the correct validation of X.509 certificates. Therefore, it is important to check whether a certificate is correctly validated by the SSL/TLS implementations. Although differential testing has been proven to be effective in finding semantic bugs, it still suffers from the following limitations: (1) The syntax of test cases cannot be correctly guaranteed. (2) Current test cases are not diverse enough to cover more implementation behaviours. This paper tackles these problems by introducing SADT, a novel syntax-aware differential testing framework for evaluating the certificate validation process in SSL/TLS implementations. We first propose a tree-based mutation strategy to ensure that the generated certificates are syntactically correct, and then diversify the certificates by sharing interesting test cases among all target SSL/TLS implementations. Such generated certificates are more likely to trigger discrepancies among SSL/TLS implementations, which may indicate some potential bugs. To evaluate the effectiveness of our approach, we applied SADT on testing 6 widely used SSL/TLS implementations, compared with the state-of-the-art fuzzing technique (i.e., AFL) and two differential testing techniques (i.e., NEZHA and RFCcert). The results show that SADT outperforms other techniques in generating discrepancies. In total, 64 unique discrepancies were discovered by SADT, and 13 of them have been confirmed as bugs or fixed by the developers.