The X509 Public-Key Infrastructure has long been used in the SSLTLS protocol to achieve authentication A recent trend of Internet-of-Things IoT systems employing small footprint SSLTLS libraries for s

In summary, this paper proposes the use of symbolic execution to thoroughly analyze X.509 implementations in small footprint SSL/TLS libraries. The authors introduce SymCerts, which are X.509 certificate chains constructed with a mixture of symbolic and concrete values, and utilize them to symbolically execute the certificate chain validation code of each library. By extracting path constraints and cross-validating them, the authors were able to uncover 48 instances of noncompliance in 9 small footprint X.509 implementations. The findings and suggestions provided have already been incorporated by developers into newer versions of their libraries.