diff --git a/lib/import/import-keynote.mk b/lib/import/import-keynote.mk
new file mode 100755
index 0000000..bb58753
--- /dev/null
+++ b/lib/import/import-keynote.mk
@@ -0,0 +1,2 @@
+KEYNOTE = keynote
+INC_DIR += $(call select_from_ports,keynote)/include
diff --git a/lib/mk/keynote.mk b/lib/mk/keynote.mk
new file mode 100755
index 0000000..47129b5
--- /dev/null
+++ b/lib/mk/keynote.mk
@@ -0,0 +1,27 @@
+KEYNOTE_PORT_DIR := $(call select_from_ports,keynote)
+KEYNOTE_DIR := $(KEYNOTE_PORT_DIR)/src/lib/keynote
+
+LIBS += libc libm libcrypto
+SHARED_LIB = yes
+
+INC_DIR += $(REP_DIR)/src/lib/keynote
+
+# keynote headres
+INC_DIR += $(KEYNOTE_DIR)/include
+SRC_C = k.tab.c \
+ lex.kn.c \
+ environment.c \
+ parse_assertion.c \
+ signature.c \
+ auxil.c \
+ base64.c \
+ z.tab.c \
+ lex.kv.c \
+ keynote-verify.c \
+ keynote-sign.c \
+ keynote-sigver.c \
+ keynote-keygen.c\
+ keynote-main.c
+
+CC_OPT = -O2 -w -DCRYPTO -DHAVE_CONFIG_H
+vpath %.c $(KEYNOTE_DIR)
diff --git a/ports/keynote.hash b/ports/keynote.hash
new file mode 100755
index 0000000..f68e05c
--- /dev/null
+++ b/ports/keynote.hash
@@ -0,0 +1 @@
+852d87a89b8079be576fa4344271e5f0368c67ec
diff --git a/ports/keynote.port b/ports/keynote.port
new file mode 100755
index 0000000..b32566b
--- /dev/null
+++ b/ports/keynote.port
@@ -0,0 +1,34 @@
+LICENSE := BSD
+VERSION := 2.3
+DOWNLOADS := keynote.archive
+
+URL(keynote) := https://www.cs.columbia.edu/~angelos/Code/keynote.tar.gz
+SHA(keynote) :=1b51066ffc66d04660cc206254c41531a17e8b04
+DIR(keynote) := src/lib/keynote
+
+
+
+DIRS := include/keynote
+DIR_CONTENT(include/keynote) := src/lib/keynote/keynote.h\
+ src/lib/keynote/header.h\
+ src/lib/keynote/assertion.h\
+ src/lib/keynote/signature.h
+
+$(call check_tool,lex)
+$(call check_tool,bison)
+
+gen_files := src/lib/keynote/k.tab.c src/lib/keynote/lex.kn.c src/lib/keynote/lex.kv.c src/lib/keynote/z.tab.c
+default: $(gen_files)
+$(gen_files): $(DOWNLOADS)
+
+src/lib/keynote/k.tab.c :
+ $(VERBOSE)bison -y -d -p kn -b k src/lib/keynote/keynote.y -o src/lib/keynote/k.tab.c
+
+src/lib/keynote/lex.kn.c:
+ $(VERBOSE)flex -Cr -Pkn -s -i -o src/lib/keynote/lex.kn.c src/lib/keynote/keynote.l
+
+src/lib/keynote/lex.kv.c :
+ $(VERBOSE)flex -Cr -Pkv -s -i -o src/lib/keynote/lex.kv.c src/lib/keynote/keynote-ver.l
+
+src/lib/keynote/z.tab.c:
+ $(VERBOSE)bison -y -d -p kv -b z src/lib/keynote/keynote-ver.y -o src/lib/keynote/z.tab.c
diff --git a/run/keynote.run b/run/keynote.run
new file mode 100755
index 0000000..f9bf406
--- /dev/null
+++ b/run/keynote.run
@@ -0,0 +1,60 @@
+#
+# Build
+#
+
+set build_components {
+ test/keynote
+ core init
+
+}
+
+build $build_components
+
+create_boot_directory
+
+#
+# Generate config
+#
+
+set config {
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+}
+
+install_config $config
+
+#
+# Boot modules
+#
+
+# generic modules
+set boot_modules {
+ core init
+ test-keynote
+ ld.lib.so libc.lib.so keynote.lib.so libm.lib.so libcrypto.lib.so
+}
+
+
+build_boot_image $boot_modules
+
+append qemu_args " -m 256 "
+
+run_genode_until {.*exited with exit value 0.*} 20
diff --git a/src/lib/keynote/config.h b/src/lib/keynote/config.h
new file mode 100755
index 0000000..7221139
--- /dev/null
+++ b/src/lib/keynote/config.h
@@ -0,0 +1,92 @@
+/* config.h. Generated automatically by configure. */
+/* config.hin. Generated automatically from configure.in by autoheader. */
+
+/* Define to empty if the keyword does not work. */
+/* #undef const */
+
+/* Define if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Define if you can safely include both and . */
+#define TIME_WITH_SYS_TIME 1
+
+/* Define if you have the _close function. */
+/* #undef HAVE__CLOSE */
+
+/* Define if you have the _open function. */
+/* #undef HAVE__OPEN */
+
+/* Define if you have the _read function. */
+/* #undef HAVE__READ */
+
+/* Define if you have the b64_ntop function. */
+/* #undef HAVE___B64_NTOP */
+
+/* Define if you have the close function. */
+#define HAVE_CLOSE 1
+
+/* Define if you have the header file. */
+/* #undef HAVE_CRYPTO_H */
+
+/* Define if you have the getopt function. */
+#define HAVE_GETOPT 1
+
+/* Define if you have the memcpy function. */
+#define HAVE_MEMCPY 1
+
+/* Define if you have the open function. */
+#define HAVE_OPEN 1
+
+/* Define if you have the read function. */
+#define HAVE_READ 1
+
+/* Define if you have the regcomp function. */
+#define HAVE_REGCOMP 1
+
+/* Define if you have the snprintf function. */
+#define HAVE_SNPRINTF 1
+
+/* Define if you have the strcasecmp function. */
+#define HAVE_STRCASECMP 1
+
+/* Define if you have the strchr function. */
+#define HAVE_STRCHR 1
+
+/* Define if you have the stricmp function. */
+/* #undef HAVE_STRICMP */
+
+/* Define if you have the strncasecmp function. */
+#define HAVE_STRNCASECMP 1
+
+/* Define if you have the strnicmp function. */
+/* #undef HAVE_STRNICMP */
+
+/* Define if you have the header file. */
+#define HAVE_FCNTL_H 1
+
+/* Define if you have the header file. */
+/* #undef HAVE_IO_H */
+
+/* Define if you have the header file. */
+#define HAVE_LIMITS_H 1
+
+/* Define if you have the header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define if you have the header file. */
+#define HAVE_OPENSSL_CRYPTO_H 1
+
+/* Define if you have the header file. */
+#define HAVE_REGEX_H 1
+
+/* Define if you have the header file. */
+/* #undef HAVE_SSL_CRYPTO_H */
+
+/* Define if you have the header file. */
+#define HAVE_SYS_TIME_H 1
+
+/* Define if you have the header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define if you have the crypto library (-lcrypto). */
+/* #undef HAVE_LIBCRYPTO */
diff --git a/src/test/keynote/main.cc b/src/test/keynote/main.cc
new file mode 100755
index 0000000..9823162
--- /dev/null
+++ b/src/test/keynote/main.cc
@@ -0,0 +1,511 @@
+#include
+#include
+#include
+#include
+//#include
+#include
+extern "C"
+{
+#if HAVE_CONFIG_H
+ #include
+#endif
+#include
+#include
+}
+char policy_assertions[] =
+"Authorizer: \"POLICY\"\n" \
+"Licensees: D1\n"\
+"Local-Constants: \n" \
+" D1 = \"rsa-hex:3048024100d15d08ce7d2103d93ef21a87330361\\\n" \
+" ff123096b14330f9f0936e8f2064ef815ffdaabbb7d3ba47b\\\n" \
+" 49fac090cf44818af7ac7d66c2910f32d8d5eb261328558e1\\\n" \
+" 0203010001\"\n" \
+"Comment: This is our first policy assertion\n" \
+"Conditions: app_domain == \"test application\" -> \"true\";\n" \
+"\n" \
+"Authorizer: \"POLICY\"\n" \
+"Licensees: KEY1 || KEY2\n" \
+"Local-Constants: \n" \
+" KEY1 = \"rsa-base64:MEgCQQCzxWCi619s3Bqf8QOZTREBFelqWvljw\\\n" \
+" vCwktO7/5zufcz+P0UBRBFNtasWgkP6/tAIK8MnLMUnejGsye\\\n" \
+" DS2EVzAgMBAAE=\"\n" \
+" KEY2 = \"dsa-base64:MIHfAkEAhRzwrvhbRXIJH+nGfQB/tRp3ueF0j\\\n" \
+" 4OqVU4GmC6eIlrmlKxR+Me6tjqtWJr5gf/AEOnzoQAPRIlpiP\\\n" \
+" VJX1mRjwJBAKHTpHS7M938wVr+lIMjq0H0Aav5T4jlxS2rphI\\\n" \
+" 4fbc7tJm6wPW9p2KyHbe9GaZgzYK1OdnNXdanM/AkLW4OKz0C\\\n" \
+" FQDF69A/EHKoQC1H6DxCi0L3HfW9uwJANCLE6ViRxnv4Jj0gV\\\n" \
+" 8aO/b5AD+uA63+0EXUxO0Hqp91lzhDg/61BusMxFq7mQI0CLv\\\n" \
+" S+dlCGShsYyB+VjSub7Q==\"\n" \
+"Comment: A slightly more complicated policy\n" \
+"Conditions: app_domain == \"test application\" && @some_num == 1 && \n" \
+" (some_var == \"some value\" || \n" \
+" some_var == \"some other value\") -> \"true\";";
+
+char credential_assertions[] =
+"KeyNote-Version: 2\n"\
+"Authorizer: KEY1\n"
+"Local-Constants: \n" \
+" KEY1 = \"rsa-base64:MEgCQQCzxWCi619s3Bqf8QOZTREBFelqWvljw\\\n" \
+" vCwktO7/5zufcz+P0UBRBFNtasWgkP6/tAIK8MnLMUnejGsye\\\n" \
+" DS2EVzAgMBAAE=\"\n" \
+"Licensees: \"dsa-hex:3081de02402121e160209f7ecef1b6866c907e8d\\\n" \
+" d65e9a67ef0fbd6ece7760b7c8bb0d9a0b71a0dd921b949f0\\\n" \
+" 9a16092eb3f50e33892bc3e9f1c8409f5298de40461493ef1\\\n" \
+" 024100a60b7e77f317e156566b388aaa32c3866a086831649\\\n" \
+" 1a55ab6fb8e57f7ade4a2a31e43017c383ab2a3e54f49688d\\\n" \
+" d66a326b7362beb974f2f1fb7dd573dd1bdf021500909807a\\\n" \
+" 4937f198fe893be6c63a7d627f13a385b02405811292c9949\\\n" \
+" 7aa80911c781a0ff51a5843423b9b4d03ad7e708ae2bfacaf\\\n" \
+" 11477f4f197dbba534194f8afd1e0b73261bb0a2c04af35db\\\n" \
+" 0507f5cffe74ed4f1a\"\n" \
+"Conditions: app_domain == \"test application\" && \n" \
+" another_var == \"foo\" -> \"true\";\n" \
+"Signature: \"sig-rsa-sha1-base64:E2OhrczI0LtAYAoJ6fSlqvlQDA4r\\\n" \
+" GiIX73T6p9eExpyHZbfjxPxXEIf6tbBre6x2Y26wBQCx/yCj5\\\n" \
+" 4IS3tuY2w==\"\n";
+
+char action_authorizer[] =
+"dsa-hex:3081de02402121e160209f7ecef1b6866c907e8d" \
+"d65e9a67ef0fbd6ece7760b7c8bb0d9a0b71a0dd921b949f0" \
+"9a16092eb3f50e33892bc3e9f1c8409f5298de40461493ef1" \
+"024100a60b7e77f317e156566b388aaa32c3866a086831649" \
+"1a55ab6fb8e57f7ade4a2a31e43017c383ab2a3e54f49688d" \
+"d66a326b7362beb974f2f1fb7dd573dd1bdf021500909807a" \
+"4937f198fe893be6c63a7d627f13a385b02405811292c9949" \
+"7aa80911c781a0ff51a5843423b9b4d03ad7e708ae2bfacaf" \
+"11477f4f197dbba534194f8afd1e0b73261bb0a2c04af35db" \
+"0507f5cffe74ed4f1a";
+
+#define NUM_RETURN_VALUES 2
+
+char *returnvalues[NUM_RETURN_VALUES];
+
+
+int main()
+ {
+ int sessionid, num, i, j;
+ char **decomposed;
+ sessionid = kn_init();
+ if (sessionid == -1)
+ {
+ fprintf(stderr, "Failed to create a new session.\n");
+ exit(-1);
+ }
+/*
+ * Assume we have read a file, or somehow securely acquired our policy
+ * assertions, and we have stored them in policy_assertions.
+ */
+
+ /* Let's find how many policies we just "read". */
+ decomposed = kn_read_asserts(policy_assertions, Genode::strlen(policy_assertions),
+ &num);
+ if (decomposed == NULL)
+ {
+ fprintf(stderr, "Failed to allocate memory for policy assertions.\n");
+ exit(-1);
+ }
+
+ /*
+ * If there were no assertions in the first argument to kn_read_asserts,
+ * we'll get a valid pointer back, which we need to free. Note that this
+ * is an error; we always MUST have at least one policy assertion.
+ */
+ if (num == 0)
+ {
+ free(decomposed);
+ fprintf(stderr, "No policy assertions provided.\n");
+ exit(-1);
+ }
+
+ /*
+ * We no longer need a copy of policy_assertions, so we could
+ * free it here.
+ */
+
+ /*
+ * decomposed now contains num pointers to strings, each containing a
+ * single assertion. We now add them all to the session. Note that
+ * we must provide the ASSERT_FLAG_LOCAL flag to indicate that these
+ * are policy assertions and thus do not have a signature field.
+ */
+ for (i = 0; i < num; i++)
+ {
+ j = kn_add_assertion(sessionid, decomposed[i],
+ Genode::strlen(decomposed[i]), ASSERT_FLAG_LOCAL);
+ if (j == -1)
+ {
+ switch (keynote_errno)
+ {
+ case ERROR_MEMORY:
+ fprintf(stderr, "Out of memory, trying to add policy "
+ "assertion %d.\n", j);
+ break;
+
+ case ERROR_SYNTAX:
+ fprintf(stderr, "Syntax error parsing policy "
+ "assertion %d.\n", j);
+ break;
+
+ case ERROR_NOTFOUND:
+ fprintf(stderr, "Session %d not found while adding "
+ "policy assertion %d.\n", sessionid, j);
+ default:
+ fprintf(stderr, "Unspecified error %d (shouldn't happen) "
+ "while adding policy assertion %d.\n",
+ keynote_errno, j);
+ break;
+ }
+
+ /* We don't need the assertion any more. */
+ free(decomposed[i]);
+ }
+ }
+
+ /* Now free decomposed itself. */
+ free(decomposed);
+
+ /*
+ * Now, assume we have somehow acquired (through some application-dependent
+ * means) one or more KeyNote credentials, and the key of the action
+ * authorizer. For example, if this were an HTTP authorization application,
+ * we would have acquired the credential(s) and the key after completing
+ * an SSL protocol exchange.
+ *
+ * So, we have some credentials in credential_assertions, and a key
+ * in action_authorizer.
+ */
+
+ /* Let's find how many credentials we just "received". */
+ decomposed = kn_read_asserts(credential_assertions,
+ Genode::strlen(credential_assertions), &num);
+ if (decomposed == NULL)
+ {
+ fprintf(stderr, "Failed to allocate memory for credential "
+ "assertions.\n");
+ exit(-1);
+ }
+
+ /*
+ * If there were no assertions in the first argument to kn_read_asserts,
+ * we'll get a valid pointer back, which we need to free. Note that
+ * it is legal to have zero credentials.
+ */
+ if (num == 0)
+ {
+ free(decomposed);
+ fprintf(stderr, "No credential assertions provided.\n");
+ }
+
+ /*
+ * We no longer need a copy of credential_assertions, so we could
+ * free it here.
+ */
+
+ /*
+ * decomposed now contains num pointers to strings, each containing a
+ * single assertion. We now add them all to the session. Note that here
+ * we must NOT provide the ASSERT_FLAG_LOCAL flag, since these are
+ * all credential assertions and need to be cryptographically verified.
+ */
+ for (i = 0; i < num; i++)
+ {
+ /*
+ * The value returned by kn_add_assertion() is an ID for that
+ * assertion (unless it's a -1, which indicates an error). We could
+ * use this ID to remove the assertion from the session in the future,
+ * if we needed to. We would need to store the IDs somewhere of
+ * course.
+ *
+ * If this were a persistent session, it may make sense to delete
+ * the credentials we just added after we are done with the query,
+ * simply to conserve memory. On the other hand, we could just leave
+ * them in the session; this has no security implications.
+ *
+ * Also note that we could do the same with policy assertions.
+ * However, if we want to delete policy assertions, it usually then
+ * makes sense to just destroy the whole session via kn_close(),
+ * which frees all allocated resources.
+ */
+ j = kn_add_assertion(sessionid, decomposed[i],
+ Genode::strlen(decomposed[i]), 0);
+ if (j == -1)
+ {
+ switch (keynote_errno)
+ {
+ case ERROR_MEMORY:
+ fprintf(stderr, "Out of memory, trying to add credential "
+ "assertion %d.\n", j);
+ break;
+
+ case ERROR_SYNTAX:
+ fprintf(stderr, "Syntax error parsing credential "
+ "assertion %d.\n", j);
+ break;
+
+ case ERROR_NOTFOUND:
+ fprintf(stderr, "Session %d not found while adding "
+ "credential assertion %d.\n", sessionid, j);
+ default:
+ fprintf(stderr, "Unspecified error %d (shouldn't happen) "
+ "while adding credential assertion %d.\n",
+ keynote_errno, j);
+ break;
+ }
+
+ /* We don't need the assertion any more. */
+ free(decomposed[i]);
+ }
+ }
+
+ /* No longer needed. */
+ free(decomposed);
+
+ /*
+ * Now add the action authorizer. If we have more than one, just
+ * repeat. Note that the value returned here is just a success or
+ * failure indicator. If we want to later on delete an authorizer from
+ * the session (which we MUST do if this is a persistent session),
+ * we must keep a copy of the key.
+ */
+ if (kn_add_authorizer(sessionid, action_authorizer) == -1)
+ {
+ switch (keynote_errno)
+ {
+ case ERROR_MEMORY:
+ fprintf(stderr, "Out of memory while adding action "
+ "authorizer.\n");
+ break;
+
+ case ERROR_SYNTAX:
+ fprintf(stderr, "Malformed action authorizer.\n");
+ break;
+
+ case ERROR_NOTFOUND:
+ fprintf(stderr, "Session %d not found while adding action "
+ "authorizer.\n", sessionid);
+ break;
+
+ default:
+ fprintf(stderr, "Unspecified error while adding action "
+ "authorizer.\n");
+ break;
+ }
+ }
+
+ /*
+ * If we don't need action_authorizer any more (i.e., this is a temporary
+ * session), we could free it now.
+ */
+
+ /*
+ * Now we need to construct the action set. In a real application, we
+ * would be gathering the relevant information. Here, we just construct
+ * a fixed action set.
+ */
+
+ /*
+ * Add the relevant action attributes. Flags is zero, since we are not
+ * using any callback functions (ENVIRONMENT_FLAG_FUNC) or a regular
+ * expression for action attribute names (ENVIRONMENT_FLAG_REGEX).
+ */
+ if (kn_add_action(sessionid, "app_domain", "test application", 0) == -1)
+ {
+ switch (keynote_errno)
+ {
+ case ERROR_SYNTAX:
+ fprintf(stderr, "Invalid name action attribute name "
+ "[app_domain]\n");
+ break;
+
+ case ERROR_MEMORY:
+ fprintf(stderr, "Out of memory adding action attribute "
+ "[app_domain = \"test application\"]\n");
+ break;
+
+ case ERROR_NOTFOUND:
+ fprintf(stderr, "Session %d not found while addiing action "
+ "attribute [app_domain = \"test application\"]\n",
+ sessionid);
+ break;
+
+ default:
+ fprintf(stderr, "Unspecified error %d (shouldn't happen) "
+ "while adding action attribute [app_domain = "
+ "\"test application\"]\n", keynote_errno);
+ break;
+ }
+ }
+
+ if (kn_add_action(sessionid, "some_num", "1", 0) == -1)
+ {
+ switch (keynote_errno)
+ {
+ case ERROR_SYNTAX:
+ fprintf(stderr, "Invalid name action attribute name "
+ "[some_num]\n");
+ break;
+
+ case ERROR_MEMORY:
+ fprintf(stderr, "Out of memory adding action attribute "
+ "[some_num = \"1\"]\n");
+ break;
+
+ case ERROR_NOTFOUND:
+ fprintf(stderr, "Session %d not found while addiing action "
+ "attribute [some_num = \"1\"]\n", sessionid);
+ break;
+
+ default:
+ fprintf(stderr, "Unspecified error %d (shouldn't happen) "
+ "while adding action attribute [some_num = \"1\"]",
+ keynote_errno);
+ break;
+ }
+ }
+
+ if (kn_add_action(sessionid, "some_var", "some other value", 0) == -1)
+ {
+ switch (keynote_errno)
+ {
+ case ERROR_SYNTAX:
+ fprintf(stderr, "Invalid name action attribute name "
+ "[some_var]\n");
+ break;
+
+ case ERROR_MEMORY:
+ fprintf(stderr, "Out of memory adding action attribute "
+ "[some_var = \"some other value\"]\n");
+ break;
+
+ case ERROR_NOTFOUND:
+ fprintf(stderr, "Session %d not found while addiing action "
+ "attribute [some_var = \"some other value\"]\n",
+ sessionid);
+ break;
+
+ default:
+ fprintf(stderr, "Unspecified error %d (shouldn't happen) "
+ "while adding action attribute [some_var = "
+ "\"some other value\"]\n", keynote_errno);
+ break;
+ }
+ }
+
+ if (kn_add_action(sessionid, "another_var", "foo", 0) == -1)
+ {
+ switch (keynote_errno)
+ {
+ case ERROR_SYNTAX:
+ fprintf(stderr, "Invalid name action attribute name "
+ "[another_var]\n");
+ break;
+
+ case ERROR_MEMORY:
+ fprintf(stderr, "Out of memory adding action attribute "
+ "[another_var = \"foo\"]\n");
+ break;
+
+ case ERROR_NOTFOUND:
+ fprintf(stderr, "Session %d not found while addiing action "
+ "attribute [another_var = \"foo\"]\n", sessionid);
+ break;
+
+ default:
+ fprintf(stderr, "Unspecified error %d (shouldn't happen) "
+ "while adding action attribute [another_var = "
+ "\"foo\"]\n", keynote_errno);
+ break;
+ }
+ }
+
+ /* Set the return values for this application -- just "false" and "true" */
+ returnvalues[0] = "false";
+ returnvalues[1] = "true";
+
+ /* Just do the query. */
+ j = kn_do_query(sessionid, returnvalues, NUM_RETURN_VALUES);
+ if (j == -1)
+ {
+ switch (j)
+ {
+ case ERROR_MEMORY:
+ fprintf(stderr, "Out of memory while performing authorization "
+ "query.\n");
+ break;
+
+ case ERROR_NOTFOUND:
+ fprintf(stderr, "Session %d not found while performing "
+ "authorization query.\n", sessionid);
+ break;
+
+ default:
+ fprintf(stderr, "Unspecified error %d (shouldn't happen) "
+ "while performing authorization query.\n",
+ keynote_errno);
+ break;
+ }
+ }
+ else
+ {
+ fprintf(stdout, "Return value is [%s]\n", returnvalues[j]);
+ }
+
+ /*
+ * Once the query is done, we can find what assertions failed in what way.
+ * One way is just going through the list of assertions, as shown here
+ * for assertions that failed due to memory exhaustion.
+ */
+ j = 0;
+
+ do
+ {
+ i = kn_get_failed(sessionid, KEYNOTE_ERROR_MEMORY, j++);
+ if (i != -1)
+ fprintf(stderr, "Assertion %d failed due to memory exhaustion.\n",
+ i);
+ } while (i != -1);
+
+ /*
+ * Another way is to go through the list of failed assertions by deleting
+ * the "first" one.
+ */
+ do
+ {
+ i = kn_get_failed(sessionid, KEYNOTE_ERROR_SYNTAX, 0);
+ if (i != -1)
+ {
+ fprintf(stderr, "Assertion %d failed due to some syntax error.\n",
+ i);
+ kn_remove_assertion(sessionid, i); /* Delete assertion */
+ }
+ } while (i != -1);
+
+ /*
+ * Signature failures, another way.
+ */
+ for (j = 0, i = kn_get_failed(sessionid, KEYNOTE_ERROR_SIGNATURE, 0);
+ i != -1; i = kn_get_failed(sessionid, KEYNOTE_ERROR_SIGNATURE, j++))
+ fprintf(stderr, "Failed to verify signature on assertion %d.\n", i);
+
+ /*
+ * Here's how to find all errors.
+ */
+ for (i = kn_get_failed(sessionid, KEYNOTE_ERROR_ANY, 0); i != -1;
+ i = kn_get_failed(sessionid, KEYNOTE_ERROR_ANY, 0))
+ {
+ fprintf(stderr, "Unspecified error in processing assertion %d.\n", i);
+ kn_remove_assertion(sessionid, i);
+ }
+
+ /* Destroy the session, freeing all allocated memory. */
+ kn_close(sessionid);
+
+ exit(0);
+}
+
+void Libc::Component::construct(Libc::Env &env)
+{
+ Libc::with_libc([&] () {
+ exit(main());
+ });
+}
diff --git a/src/test/keynote/target.mk b/src/test/keynote/target.mk
new file mode 100755
index 0000000..30c524c
--- /dev/null
+++ b/src/test/keynote/target.mk
@@ -0,0 +1,5 @@
+TARGET = test-keynote
+LIBS =libc keynote libm
+SRC_CC = main.cc
+
+vpath main.cc $(PRG_DIR)/..