]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
tests: cert-tests: cleanup shell usage
authorAlon Bar-Lev <alon.barlev@gmail.com>
Wed, 17 Jun 2015 11:05:54 +0000 (14:05 +0300)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Thu, 18 Jun 2015 20:49:27 +0000 (22:49 +0200)
Add quotes for most usages of variables.

Added ${} for variables.

Cleanup trailing spaces.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
tests/cert-tests/aki
tests/cert-tests/certtool
tests/cert-tests/crq
tests/cert-tests/dane
tests/cert-tests/email
tests/cert-tests/invalid-sig
tests/cert-tests/pathlen
tests/cert-tests/pem-decoding
tests/cert-tests/pkcs7
tests/cert-tests/template-test

index a3c4135d41f65d1d32336d5626cdd6ebcd10063e..e1f2b0f9e0954de9f554189f93ff03c50851c46c 100755 (executable)
 
 set -e
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 if ! test -z "${VALGRIND}";then
 VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
 fi
 
-$VALGRIND $CERTTOOL --certificate-info --infile $srcdir/aki-cert.pem \
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/aki-cert.pem" \
          |grep -v "Algorithm Security Level" > tmp-aki.pem
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "info failed"
-  exit $rc
+  exit ${rc}
 fi
 
 
-$DIFF $srcdir/aki-cert.pem tmp-aki.pem
+${DIFF} "${srcdir}/aki-cert.pem" tmp-aki.pem
 rc=$?
 
 # We're done.
-if test "$rc" != "0"; then
-  exit $rc
+if test "${rc}" != "0"; then
+  exit ${rc}
 fi
 
 rm -f tmp-aki.pem
index cbabb59c0bb0c5d71e3744e13bc5cb843b32d8a2..47a1f952657620e4fa153847149dae9ced00bf82 100755 (executable)
 
 #set -e
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 if ! test -z "${VALGRIND}";then
 VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
 fi
 
 #check whether "funny" spaces can be interpreted
-id=`$VALGRIND $CERTTOOL --key-id --infile $srcdir/funny-spacing.pem --hash sha1`
+id=`${VALGRIND} "${CERTTOOL}" --key-id --infile "${srcdir}/funny-spacing.pem" --hash sha1`
 rc=$?
 
-if test "$id" != "1e09d707d4e3651b84dcb6c68a828d2affef7ec3";then
-       echo "Key-ID1 doesn't match the expected: $id"
+if test "${id}" != "1e09d707d4e3651b84dcb6c68a828d2affef7ec3";then
+       echo "Key-ID1 doesn't match the expected: ${id}"
        exit 1
 fi
 
-id=`$VALGRIND $CERTTOOL --key-id --infile $srcdir/funny-spacing.pem`
+id=`$VALGRIND "${CERTTOOL}" --key-id --infile "${srcdir}/funny-spacing.pem"`
 rc=$?
 
-if test "$id" != "1e09d707d4e3651b84dcb6c68a828d2affef7ec3";then
-       echo "Default key-ID1 doesn't match the expected; did the defaults change? ID: $id"
+if test "${id}" != "1e09d707d4e3651b84dcb6c68a828d2affef7ec3";then
+       echo "Default key-ID1 doesn't match the expected; did the defaults change? ID: ${id}"
        exit 1
 fi
 
-id=`$CERTTOOL --pubkey-info <$srcdir/funny-spacing.pem|$CERTTOOL --key-id --hash sha1`
+id=`"${CERTTOOL}" --pubkey-info <"${srcdir}/funny-spacing.pem"|"${CERTTOOL}" --key-id --hash sha1`
 rc=$?
 
-if test "$id" != "1e09d707d4e3651b84dcb6c68a828d2affef7ec3";then
-       echo "Key-ID2 doesn't match the expected: $id"
+if test "${id}" != "1e09d707d4e3651b84dcb6c68a828d2affef7ec3";then
+       echo "Key-ID2 doesn't match the expected: ${id}"
        exit 1
 fi
 
-id=`$CERTTOOL --pubkey-info <$srcdir/funny-spacing.pem|$CERTTOOL --key-id --hash sha256`
+id=`"${CERTTOOL}" --pubkey-info <"${srcdir}/funny-spacing.pem"|"${CERTTOOL}" --key-id --hash sha256`
 rc=$?
 
-if test "$id" != "118e72e3655150c895ecbd19b3634179fb4a87c7a25abefcb11f5d66661d5a4d";then
-       echo "Key-ID3 doesn't match the expected: $id"
+if test "${id}" != "118e72e3655150c895ecbd19b3634179fb4a87c7a25abefcb11f5d66661d5a4d";then
+       echo "Key-ID3 doesn't match the expected: ${id}"
        exit 1
 fi
 
 #fingerprint
-id=`$VALGRIND $CERTTOOL --fingerprint --infile $srcdir/funny-spacing.pem`
+id=`${VALGRIND} "${CERTTOOL}" --fingerprint --infile "${srcdir}/funny-spacing.pem"`
 rc=$?
 
-if test "$id" != "8f735c5ddefd723f59b6a3bb2ac0522470c0182f";then
+if test "${id}" != "8f735c5ddefd723f59b6a3bb2ac0522470c0182f";then
        echo "Fingerprint doesn't match the expected: 3"
        exit 1
 fi
 
-id=`$VALGRIND $CERTTOOL --fingerprint --hash sha256 --infile $srcdir/funny-spacing.pem`
+id=`${VALGRIND} "${CERTTOOL}" --fingerprint --hash sha256 --infile "${srcdir}/funny-spacing.pem"`
 rc=$?
 
-if test "$id" != "fc5b45b20c489393a457f177572920ac40bacba9d25cea51200822271eaf7d1f";then
+if test "${id}" != "fc5b45b20c489393a457f177572920ac40bacba9d25cea51200822271eaf7d1f";then
        echo "Fingerprint doesn't match the expected: 4"
        exit 1
 fi
index 18c2e2a4b822793749c1c84e2edba8302a5c4356..4d87c45bc3158a2c7c0ca5b979cffdfc333824b2 100755 (executable)
 
 #set -e
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 if ! test -z "${VALGRIND}";then
 VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
 fi
 OUTFILE=out.tmp
 
-$VALGRIND $CERTTOOL --inder --crq-info --infile $srcdir/csr-invalid.der >$OUTFILE 2>&1
+${VALGRIND} "${CERTTOOL}" --inder --crq-info --infile "${srcdir}/csr-invalid.der" >"${OUTFILE}" 2>&1
 rc=$?
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Invalid crq decoding failed"
-  exit $rc
+  exit ${rc}
 fi
 
-grep "error: get_key_id" $OUTFILE >/dev/null 2>&1
+grep "error: get_key_id" "${OUTFILE}" >/dev/null 2>&1
 if test "$?" != "0"; then
   echo "crq decoding didn't fail as expected"
   exit 1
 fi
 
-rm -f $OUTFILE
+rm -f "${OUTFILE}"
 
 exit 0
index c43d7d9f6bea9cba9d647f9c0d79113e1719f3b5..55688eb2f298d75f5d83ee3112f5ac83f2e96dbc 100755 (executable)
 
 set -e
 
-srcdir=${srcdir:-.}
-DANETOOL=${DANETOOL:-../../src/danetool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+DANETOOL="${DANETOOL:-../../src/danetool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 
-test -e $DANETOOL || exit 77
+test -e "${DANETOOL}" || exit 77
 
-$DANETOOL --tlsa-rr --load-certificate $srcdir/cert-ecc256.pem --host www.example.com --outfile tmp-dane.rr 2>/dev/null
+"${DANETOOL}" --tlsa-rr --load-certificate "${srcdir}/cert-ecc256.pem" --host www.example.com --outfile tmp-dane.rr 2>/dev/null
 
-$DIFF $srcdir/dane-test.rr tmp-dane.rr
+${DIFF} "${srcdir}/dane-test.rr" tmp-dane.rr
 rc=$?
 
 rm -f tmp-dane.rr
 
 # We're done.
-if test "$rc" != "0"; then
-  exit $rc
+if test "${rc}" != "0"; then
+  exit ${rc}
 fi
 
 exit 0
index abc91f2bbb7a549350873a001ec9996020f89b61..3b093a413684e5df7849c55aa32c7d33c5b98daa 100755 (executable)
 # along with GnuTLS; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF=$"{DIFF:-diff}"
 if ! test -z "${VALGRIND}";then
 VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
 fi
 
-$VALGRIND $CERTTOOL -e --infile $srcdir/email-certs/chain.exclude.test.example.com --verify-email test@example.com
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/email-certs/chain.exclude.test.example.com" --verify-email test@example.com
 rc=$?
 
-if test "$rc" != "1"; then
+if test "${rc}" != "1"; then
   echo "email test 1 failed"
   exit 1
 fi
 
-$VALGRIND $CERTTOOL -e --infile $srcdir/email-certs/chain.exclude.test.example.com --verify-email invalid@example.com
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/email-certs/chain.exclude.test.example.com" --verify-email invalid@example.com
 rc=$?
 
-if test "$rc" != "1"; then
+if test "${rc}" != "1"; then
   echo "email test 2 failed"
   exit 1
 fi
 
-$VALGRIND $CERTTOOL -e --infile $srcdir/email-certs/chain.test.example.com --verify-email test@example.com
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/email-certs/chain.test.example.com" --verify-email test@example.com
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "email test 3 failed"
   exit 1
 fi
 
-$VALGRIND $CERTTOOL -e --infile $srcdir/email-certs/chain.test.example.com --verify-email invalid@example.com
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/email-certs/chain.test.example.com" --verify-email invalid@example.com
 rc=$?
 
-if test "$rc" != "1"; then
+if test "${rc}" != "1"; then
   echo "email test 4 failed"
   exit 1
 fi
 
-$VALGRIND $CERTTOOL -e --infile $srcdir/email-certs/chain.invalid.example.com --verify-email invalid@example.com
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/email-certs/chain.invalid.example.com" --verify-email invalid@example.com
 rc=$?
 
-if test "$rc" != "1"; then
+if test "${rc}" != "1"; then
   echo "email test 5 failed"
   exit 1
 fi
 
-$VALGRIND $CERTTOOL -e --infile $srcdir/email-certs/chain.invalid.example.com --verify-email test@cola.com
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/email-certs/chain.invalid.example.com" --verify-email test@cola.com
 rc=$?
 
-if test "$rc" != "1"; then
+if test "${rc}" != "1"; then
   echo "email test 6 failed"
   exit 1
 fi
 
-$VALGRIND $CERTTOOL -e --infile $srcdir/email-certs/chain.test.example.com-2 --verify-email test@example.com
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/email-certs/chain.test.example.com-2" --verify-email test@example.com
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "email test 7 failed"
   exit 1
 fi
 
-$VALGRIND $CERTTOOL -e --infile $srcdir/email-certs/chain.test.example.com-2 --verify-email invalid@example.com
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/email-certs/chain.test.example.com-2" --verify-email invalid@example.com
 rc=$?
 
-if test "$rc" != "1"; then
+if test "${rc}" != "1"; then
   echo "email test 8 failed"
   exit 1
 fi
index 5c21abfc50bd5046df44eb6e56faf4efa562298b..3f8553a98cf1757c360212f5429c074938ea78b5 100755 (executable)
 
 #set -e
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 if ! test -z "${VALGRIND}";then
 VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
 fi
 
 #check whether a different PKCS #1 signature than the advertized in certificate is tolerated
-$VALGRIND $CERTTOOL -e --infile $srcdir/invalid-sig.pem
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/invalid-sig.pem"
 rc=$?
 
 # We're done.
-if test "$rc" = "0"; then
+if test "${rc}" = "0"; then
   echo "Verification of invalid signature (1) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 #check whether a different tbsCertificate than the outer signature algorithm is tolerated
-$VALGRIND $CERTTOOL -e --infile $srcdir/invalid-sig2.pem
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/invalid-sig2.pem"
 rc=$?
 
 # We're done.
-if test "$rc" = "0"; then
+if test "${rc}" = "0"; then
   echo "Verification of invalid signature (2) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 #check whether a different tbsCertificate than the outer signature algorithm is tolerated
-$VALGRIND $CERTTOOL -e --infile $srcdir/invalid-sig3.pem
+${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/invalid-sig3.pem"
 rc=$?
 
 # We're done.
-if test "$rc" = "0"; then
+if test "${rc}" = "0"; then
   echo "Verification of invalid signature (3) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 exit 0
index ed79b44b919fd6f5214b05b853257ed6c5876401..18084f57ff452c68d75fdf633c827be964d62910 100755 (executable)
 
 set -e
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 if ! test -z "${VALGRIND}";then
 VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
 fi
 
-$VALGRIND $CERTTOOL --certificate-info --infile $srcdir/ca-no-pathlen.pem \
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/ca-no-pathlen.pem" \
          |grep -v "Algorithm Security Level" > new-ca-no-pathlen.pem
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "info 1 failed"
-  exit $rc
+  exit ${rc}
 fi
 
-$VALGRIND $CERTTOOL --certificate-info --infile $srcdir/no-ca-or-pathlen.pem \
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/no-ca-or-pathlen.pem" \
          |grep -v "Algorithm Security Level" > new-no-ca-or-pathlen.pem
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "info 2 failed"
-  exit $rc
+  exit ${rc}
 fi
 
-$DIFF $srcdir/ca-no-pathlen.pem new-ca-no-pathlen.pem
+${DIFF} "${srcdir}/ca-no-pathlen.pem" new-ca-no-pathlen.pem
 rc1=$?
-$DIFF $srcdir/no-ca-or-pathlen.pem new-no-ca-or-pathlen.pem
+${DIFF} "${srcdir}/no-ca-or-pathlen.pem" new-no-ca-or-pathlen.pem
 rc2=$?
 
 
 # We're done.
-if test "$rc1" != "0"; then
-  exit $rc1
+if test "${rc1}" != "0"; then
+  exit ${rc1}
 fi
 
 rm -f new-ca-no-pathlen.pem new-no-ca-or-pathlen.pem
 
-exit $rc2
+exit ${rc2}
index 866c96750977db4daea936f33628b76309a8dc76..63303734a9faff318c436bda10b2fa0f1996be0d 100755 (executable)
 
 #set -e
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 if ! test -z "${VALGRIND}";then
 VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
 fi
 
 #check whether "funny" spaces can be interpreted
-$VALGRIND $CERTTOOL --certificate-info --infile $srcdir/funny-spacing.pem >/dev/null 2>&1
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/funny-spacing.pem" >/dev/null 2>&1
 rc=$?
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Funny-spacing cert decoding failed 1"
-  exit $rc
+  exit ${rc}
 fi
 
 #check whether a BMPString attribute can be properly decoded
-$VALGRIND $CERTTOOL --certificate-info --infile $srcdir/bmpstring.pem >tmp-pem.pem
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/bmpstring.pem" >tmp-pem.pem
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "BMPString cert decoding failed 1"
-  exit $rc
+  exit ${rc}
 fi
 
 #Note that --strip-trailing-cr is used for the test
 #to run on windows platform.
-$DIFF $srcdir/bmpstring.pem tmp-pem.pem || $DIFF --strip-trailing-cr $srcdir/bmpstring.pem tmp-pem.pem
+${DIFF} "${srcdir}/bmpstring.pem" tmp-pem.pem || ${DIFF} --strip-trailing-cr "${srcdir}/bmpstring.pem" tmp-pem.pem
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "BMPString cert decoding failed 2"
-  exit $rc
+  exit ${rc}
 fi
 
 #check whether complex-cert is decoded as expected
-$VALGRIND $CERTTOOL --certificate-info --infile $srcdir/complex-cert.pem >tmp-pem.pem
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/complex-cert.pem" >tmp-pem.pem
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Complex cert decoding failed 1"
-  exit $rc
+  exit ${rc}
 fi
 
-cat $srcdir/complex-cert.pem |grep -v "Not After:" >tmp1
+cat "${srcdir}/complex-cert.pem" |grep -v "Not After:" >tmp1
 cat tmp-pem.pem |grep -v "Not After:" >tmp2
-$DIFF tmp1 tmp2 || $DIFF --strip-trailing-cr tmp1 tmp2
+${DIFF} tmp1 tmp2 || ${DIFF} --strip-trailing-cr tmp1 tmp2
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Complex cert decoding failed 2"
-  exit $rc
+  exit ${rc}
 fi
 
 #check whether the cert with many othernames is decoded as expected
-$VALGRIND $CERTTOOL --certificate-info --infile $srcdir/xmpp-othername.pem >tmp-pem.pem
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/xmpp-othername.pem" >tmp-pem.pem
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "XMPP cert decoding failed 1"
-  exit $rc
+  exit ${rc}
 fi
 
-cat $srcdir/xmpp-othername.pem |grep -v "Not After:" >tmp1
+cat "${srcdir}/xmpp-othername.pem" |grep -v "Not After:" >tmp1
 cat tmp-pem.pem |grep -v "Not After:" >tmp2
-$DIFF tmp1 tmp2 || $DIFF --strip-trailing-cr tmp1 tmp2
+${DIFF} tmp1 tmp2 || ${DIFF} --strip-trailing-cr tmp1 tmp2
 rc=$?
 
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "XMPP cert decoding failed 2"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-pem.pem tmp1 tmp2
index 7d28c8481f93d2b2ad39191334b0ad309d748a72..f2a6ff0e4783c414d5a17fd1fa33cff7795be9c3 100755 (executable)
@@ -20,9 +20,9 @@
 
 #set -e
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
-DIFF=${DIFF:-diff}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 if ! test -z "${VALGRIND}";then
 VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
 fi
@@ -30,18 +30,18 @@ OUTFILE=out-pkcs7.tmp
 OUTFILE2=out2-pkcs7.tmp
 
 for FILE in single-ca.p7b full.p7b;do
-$VALGRIND $CERTTOOL --inder --p7-info --infile $srcdir/$FILE|grep -v "Signing time" >$OUTFILE
+${VALGRIND} "${CERTTOOL}" --inder --p7-info --infile "${srcdir}/${FILE}"|grep -v "Signing time" >"${OUTFILE}"
 rc=$?
 
 # We're done.
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 decoding failed"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 decoding failed"
+  exit ${rc}
 fi
 
-$DIFF $OUTFILE $srcdir/$FILE.out >/dev/null
+${DIFF} "${OUTFILE}" "${srcdir}/${FILE}.out" >/dev/null
 if test "$?" != "0"; then
-  echo "$FILE: PKCS7 decoding didn't produce the correct file"
+  echo "${FILE}: PKCS7 decoding didn't produce the correct file"
   exit 1
 fi
 done
@@ -49,27 +49,27 @@ done
 # check signatures
 
 for FILE in full.p7b;do
-$VALGRIND $CERTTOOL --inder --p7-verify --load-ca-certificate $srcdir/../../doc/credentials/x509/ca.pem --infile $srcdir/$FILE >$OUTFILE
+${VALGRIND} "${CERTTOOL}" --inder --p7-verify --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" --infile "${srcdir}/${FILE}" >"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 verification failed"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 verification failed"
+  exit ${rc}
 fi
 
-$VALGRIND $CERTTOOL --verify-purpose=1.3.6.1.5.5.7.3.1 --inder --p7-verify --load-ca-certificate $srcdir/../../doc/credentials/x509/ca.pem --infile $srcdir/$FILE >$OUTFILE
+${VALGRIND} "${CERTTOOL}" --verify-purpose=1.3.6.1.5.5.7.3.1 --inder --p7-verify --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" --infile "${srcdir}/${FILE}" >"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 verification failed with key purpose"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 verification failed with key purpose"
+  exit ${rc}
 fi
 
-$VALGRIND $CERTTOOL --verify-purpose=1.3.6.1.5.5.7.3.3 --inder --p7-verify --load-ca-certificate $srcdir/../../doc/credentials/x509/ca.pem --infile $srcdir/$FILE >$OUTFILE
+${VALGRIND} "${CERTTOOL}" --verify-purpose=1.3.6.1.5.5.7.3.3 --inder --p7-verify --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" --infile "${srcdir}/${FILE}" >"${OUTFILE}"
 rc=$?
 
-if test "$rc" = "0"; then
-  echo "$FILE: PKCS7 verification succeeded with wrong key purpose"
+if test "${rc}" = "0"; then
+  echo "${FILE}: PKCS7 verification succeeded with wrong key purpose"
   exit 2
 fi
 
@@ -77,123 +77,123 @@ done
 
 # check signature with detached data
 
-FILE=detached.p7b
-$VALGRIND $CERTTOOL --inder --p7-verify --load-ca-certificate $srcdir/../../doc/credentials/x509/ca.pem --infile $srcdir/$FILE
+FILE="detached.p7b"
+${VALGRIND} "${CERTTOOL}" --inder --p7-verify --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" --infile "${srcdir}/${FILE}"
 rc=$?
 
-if test "$rc" = "0"; then
-  echo "$FILE: PKCS7 verification succeeded without providing detached data"
+if test "${rc}" = "0"; then
+  echo "${FILE}: PKCS7 verification succeeded without providing detached data"
   exit 2
 fi
 
-$VALGRIND $CERTTOOL --inder --p7-verify --load-data $srcdir/pkcs7-detached.txt --load-ca-certificate $srcdir/../../doc/credentials/x509/ca.pem --infile $srcdir/$FILE
+${VALGRIND} "${CERTTOOL}" --inder --p7-verify --load-data "${srcdir}/pkcs7-detached.txt" --load-ca-certificate "${srcdir}/../../doc/credentials/x509/ca.pem" --infile "${srcdir}/${FILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 verification failed"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 verification failed"
+  exit ${rc}
 fi
 
 # Test cert combination
 
 FILE="p7-combined"
-cat $srcdir/../certs/cert*.pem >$OUTFILE2
-$VALGRIND $CERTTOOL --p7-generate --load-certificate $OUTFILE2 >$OUTFILE
+cat "${srcdir}/../certs"/cert*.pem >"${OUTFILE2}"
+${VALGRIND} "${CERTTOOL}" --p7-generate --load-certificate "${OUTFILE2}" >"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct generation failed"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct generation failed"
+  exit ${rc}
 fi
 
-$DIFF $OUTFILE $srcdir/p7-combined.out >/dev/null
+${DIFF} "${OUTFILE}" "${srcdir}/p7-combined.out" >/dev/null
 if test "$?" != "0"; then
-  echo "$FILE: PKCS7 generation didn't produce the correct file"
+  echo "${FILE}: PKCS7 generation didn't produce the correct file"
   exit 1
 fi
 
 # Test signing
-FILE=signing
-$VALGRIND $CERTTOOL --p7-sign --load-privkey  $srcdir/../../doc/credentials/x509/key-rsa.pem --load-certificate $srcdir/../../doc/credentials/x509/cert-rsa.pem --infile $srcdir/pkcs7-detached.txt >$OUTFILE
+FILE="signing"
+${VALGRIND} "${CERTTOOL}" --p7-sign --load-privkey  "${srcdir}/../../doc/credentials/x509/key-rsa.pem" --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" --infile "${srcdir}/pkcs7-detached.txt" >"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct signing failed"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct signing failed"
+  exit ${rc}
 fi
 
-FILE=signing-verify
-$VALGRIND $CERTTOOL --p7-verify --load-certificate $srcdir/../../doc/credentials/x509/cert-rsa.pem <$OUTFILE
+FILE="signing-verify"
+${VALGRIND} "${CERTTOOL}" --p7-verify --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" <"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct signing failed verification"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct signing failed verification"
+  exit ${rc}
 fi
 
 
-FILE=signing-detached
-$VALGRIND $CERTTOOL --p7-detached-sign --load-privkey  $srcdir/../../doc/credentials/x509/key-rsa.pem --load-certificate $srcdir/../../doc/credentials/x509/cert-rsa.pem --infile $srcdir/pkcs7-detached.txt >$OUTFILE
+FILE="signing-detached"
+${VALGRIND} "${CERTTOOL}" --p7-detached-sign --load-privkey  "${srcdir}/../../doc/credentials/x509/key-rsa.pem" --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" --infile "${srcdir}/pkcs7-detached.txt" >"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct signing-detached failed"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct signing-detached failed"
+  exit ${rc}
 fi
 
-FILE=signing-detached-verify
-$VALGRIND $CERTTOOL --p7-verify --load-certificate $srcdir/../../doc/credentials/x509/cert-rsa.pem --load-data $srcdir/pkcs7-detached.txt <$OUTFILE
+FILE="signing-detached-verify"
+${VALGRIND} "${CERTTOOL}" --p7-verify --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" --load-data "${srcdir}/pkcs7-detached.txt" <"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct signing-detached failed verification"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct signing-detached failed verification"
+  exit ${rc}
 fi
 
 # Test signing with broken algorithms
-FILE=signing-broken
-$VALGRIND $CERTTOOL --hash md5 --p7-sign --load-privkey  $srcdir/../../doc/credentials/x509/key-rsa.pem --load-certificate $srcdir/../../doc/credentials/x509/cert-rsa.pem --infile $srcdir/pkcs7-detached.txt >$OUTFILE
+FILE="signing-broken"
+${VALGRIND} "${CERTTOOL}" --hash md5 --p7-sign --load-privkey  "${srcdir}/../../doc/credentials/x509/key-rsa.pem" --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" --infile "${srcdir}/pkcs7-detached.txt" >"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct signing-broken failed"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct signing-broken failed"
+  exit ${rc}
 fi
 
-FILE=signing-verify-broken
-$VALGRIND $CERTTOOL --p7-verify --load-certificate $srcdir/../../doc/credentials/x509/cert-rsa.pem <$OUTFILE
+FILE="signing-verify-broken"
+${VALGRIND} "${CERTTOOL}" --p7-verify --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" <"${OUTFILE}"
 rc=$?
 
-if test "$rc" = "0"; then
-  echo "$FILE: PKCS7 struct verification succeeded with broken algo"
+if test "${rc}" = "0"; then
+  echo "${FILE}: PKCS7 struct verification succeeded with broken algo"
   exit 1
 fi
 
-FILE=signing-time
-$VALGRIND $CERTTOOL --p7-detached-sign --p7-time --load-privkey  $srcdir/../../doc/credentials/x509/key-rsa.pem --load-certificate $srcdir/../../doc/credentials/x509/cert-rsa.pem --infile $srcdir/pkcs7-detached.txt >$OUTFILE
+FILE="signing-time"
+${VALGRIND} "${CERTTOOL}" --p7-detached-sign --p7-time --load-privkey  "${srcdir}/../../doc/credentials/x509/key-rsa.pem" --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" --infile "${srcdir}/pkcs7-detached.txt" >"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct signing with time failed"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct signing with time failed"
+  exit ${rc}
 fi
 
-$VALGRIND $CERTTOOL --p7-info <$OUTFILE|grep "Signing time:" $OUTFILE >/dev/null 2>&1
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct signing with time failed. No time was found."
-  exit $rc
+${VALGRIND} "${CERTTOOL}" --p7-info <"${OUTFILE}"|grep "Signing time:" "${OUTFILE}" >/dev/null 2>&1
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct signing with time failed. No time was found."
+  exit ${rc}
 fi
 
-FILE=signing-time-verify
-$VALGRIND $CERTTOOL --p7-verify --load-certificate $srcdir/../../doc/credentials/x509/cert-rsa.pem --load-data $srcdir/pkcs7-detached.txt <$OUTFILE
+FILE="signing-time-verify"
+${VALGRIND} "${CERTTOOL}" --p7-verify --load-certificate "${srcdir}/../../doc/credentials/x509/cert-rsa.pem" --load-data "${srcdir}/pkcs7-detached.txt" <"${OUTFILE}"
 rc=$?
 
-if test "$rc" != "0"; then
-  echo "$FILE: PKCS7 struct signing with time failed verification"
-  exit $rc
+if test "${rc}" != "0"; then
+  echo "${FILE}: PKCS7 struct signing with time failed verification"
+  exit ${rc}
 fi
 
-rm -f $OUTFILE
-rm -f $OUTFILE2
+rm -f "${OUTFILE}"
+rm -f "${OUTFILE2}"
 
 exit 0
index 8143bfac5f33464bb6dbf8c21105a2534ca52541..f1bc80255211ff805a2dc5700e7d606d759ac20c 100755 (executable)
@@ -20,8 +20,9 @@
 
 #set -e
 
-srcdir=${srcdir:-.}
-CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool$EXEEXT}"
+DIFF="${DIFF:-diff}"
 
 export TZ="UTC"
 
@@ -40,25 +41,24 @@ fi
 rc=1
 counter=1
 
-while [ "$rc" != "0" -a $counter -le 3 ]
+while [ "${rc}" != "0" -a $counter -le 3 ]
 do
-      
 datefudge "2007-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-test.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-test.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 
-diff $srcdir/template-test.pem tmp-tt.pem >/dev/null 2>&1
+${DIFF} "${srcdir}/template-test.pem" tmp-tt.pem >/dev/null 2>&1
 rc=$?
-test $rc != 0 && sleep 3
-counter=`expr $counter + 1` 
+test ${rc} != 0 && sleep 3
+counter=`expr $counter + 1`
 done
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Test 1 failed"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-tt.pem
@@ -66,24 +66,24 @@ rm -f tmp-tt.pem
 rc=1
 counter=1
 
-while [ "$rc" != "0" -a $counter -le 3 ]
+while [ "${rc}" != "0" -a $counter -le 3 ]
 do
 datefudge "2007-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-utf8.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-utf8.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 
-diff $srcdir/template-utf8.pem tmp-tt.pem >/dev/null 2>&1
+${DIFF} "${srcdir}/template-utf8.pem" tmp-tt.pem >/dev/null 2>&1
 rc=$?
-test $rc != 0 && sleep 3
-counter=`expr $counter + 1` 
+test ${rc} != 0 && sleep 3
+counter=`expr $counter + 1`
 done
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Test 2 (UTF8) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-tt.pem
@@ -91,38 +91,38 @@ rm -f tmp-tt.pem
 rc=1
 counter=1
 
-while [ "$rc" != "0" -a $counter -le 3 ]
+while [ "${rc}" != "0" -a $counter -le 3 ]
 do
 datefudge "2007-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-dn.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-dn.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 
-diff $srcdir/template-dn.pem tmp-tt.pem >/dev/null 2>&1
+${DIFF} "${srcdir}/template-dn.pem" tmp-tt.pem >/dev/null 2>&1
 rc=$?
-test $rc != 0 && sleep 3
-counter=`expr $counter + 1` 
+test ${rc} != 0 && sleep 3
+counter=`expr $counter + 1`
 done
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Test 3 (DN) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-tt.pem
 
 datefudge "2007-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-dn-err.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-dn-err.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 rc=$?
 
-if test "$rc" = "0"; then
+if test "${rc}" = "0"; then
   echo "Test 3 (DN-err) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-tt.pem
@@ -130,24 +130,24 @@ rm -f tmp-tt.pem
 rc=1
 counter=1
 
-while [ "$rc" != "0" -a $counter -le 3 ]
+while [ "${rc}" != "0" -a $counter -le 3 ]
 do
 datefudge "2007-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-overflow.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-overflow.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 
-diff $srcdir/template-overflow.pem tmp-tt.pem >/dev/null 2>&1 
+${DIFF} "${srcdir}/template-overflow.pem" tmp-tt.pem >/dev/null 2>&1
 rc=$?
-test $rc != 0 && sleep 3
-counter=`expr $counter + 1` 
+test ${rc} != 0 && sleep 3
+counter=`expr $counter + 1`
 done
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Test 4 (overflow1) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-tt.pem
@@ -158,24 +158,24 @@ if echo __SIZEOF_POINTER__ | cpp -E - - | grep '^8$' >/dev/null; then
 rc=1
 counter=1
 
-while [ "$rc" != "0" -a $counter -le 3 ]
+while [ "${rc}" != "0" -a $counter -le 3 ]
 do
 datefudge "2007-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-overflow2.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-overflow2.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 
-diff $srcdir/template-overflow2.pem tmp-tt.pem >/dev/null 2>&1
+${DIFF} "${srcdir}/template-overflow2.pem" tmp-tt.pem >/dev/null 2>&1
 rc=$?
-test $rc != 0 && sleep 3
-counter=`expr $counter + 1` 
+test ${rc} != 0 && sleep 3
+counter=`expr $counter + 1`
 done
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Test 5 (overflow2) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-tt.pem
@@ -184,24 +184,24 @@ fi
 rc=1
 counter=1
 
-while [ "$rc" != "0" -a $counter -le 3 ]
+while [ "${rc}" != "0" -a $counter -le 3 ]
 do
 datefudge "2007-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-date.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-date.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 
-diff $srcdir/template-date.pem tmp-tt.pem >/dev/null 2>&1
+${DIFF} "${srcdir}/template-date.pem" tmp-tt.pem >/dev/null 2>&1
 rc=$?
-test $rc != 0 && sleep 3
-counter=`expr $counter + 1` 
+test ${rc} != 0 && sleep 3
+counter=`expr $counter + 1`
 done
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Test 6 (explicit dates) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-tt.pem
@@ -211,24 +211,24 @@ rm -f tmp-tt.pem
 rc=1
 counter=1
 
-while [ "$rc" != "0" -a $counter -le 3 ]
+while [ "${rc}" != "0" -a $counter -le 3 ]
 do
 datefudge "2007-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-nc.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-nc.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 
-diff $srcdir/template-nc.pem tmp-tt.pem >/dev/null 2>&1
+${DIFF} "${srcdir}/template-nc.pem" tmp-tt.pem >/dev/null 2>&1
 rc=$?
-test $rc != 0 && sleep 3
-counter=`expr $counter + 1` 
+test ${rc} != 0 && sleep 3
+counter=`expr $counter + 1`
 done
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Test 7 (name constraints) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 rm -f tmp-tt.pem
@@ -239,25 +239,24 @@ if test "$(getconf LONG_BIT)" = "64";then
 rc=1
 counter=1
 
-while [ "$rc" != "0" -a $counter -le 3 ]
+while [ "${rc}" != "0" -a $counter -le 3 ]
 do
-      
 datefudge "2051-04-22" \
-    $CERTTOOL --generate-self-signed \
-    --load-privkey $srcdir/template-test.key \
-    --template $srcdir/template-generalized.tmpl \
+    "${CERTTOOL}" --generate-self-signed \
+    --load-privkey "${srcdir}/template-test.key" \
+    --template "${srcdir}/template-generalized.tmpl" \
     --outfile tmp-tt.pem 2>/dev/null
 
-diff $srcdir/template-generalized.pem tmp-tt.pem >/dev/null 2>&1
+${DIFF} "${srcdir}/template-generalized.pem" tmp-tt.pem >/dev/null 2>&1
 rc=$?
-test $rc != 0 && sleep 3
-counter=`expr $counter + 1` 
+test ${rc} != 0 && sleep 3
+counter=`expr $counter + 1`
 done
 
 # We're done.
-if test "$rc" != "0"; then
+if test "${rc}" != "0"; then
   echo "Test 8 (generalizedTime) failed"
-  exit $rc
+  exit ${rc}
 fi
 
 fi