ndn-cxx Release Notes

ndn-cxx v0.3.1 (changes since version 0.3.0)

Release date: March 3, 2015

New features:

Updates and bug fixes:

  • Wire encoding
  • Miscellaneous tools
    • Mark Digest<Hash>::operator== as unsuitable in a security sensitive context (Issue #2395)
    • Restrict destruction of Signal from handler (Issue #2313)
  • Documentation
    • Correct function names in security library tutorial (Issue #2474)
    • Remind users to reinstall ports after OSX upgrade (Issue #2284)
  • Tests
    • Fix global buffer overflow in ImplicitSha256Digest test case (Issue #2307)
    • Change naming conventions for unit test files and test suite names (Issue #2497)
  • Build
    • Explicitly define _GLIBCXX_USE_NANOSLEEP, necessary for gcc < 4.8 in some environments (Issue #2499)


  • Delete deprecated Block(std::istream&) constructor (Issue #2241)
  • Delete deprecated ndn::ptr_lib, ndn::func_lib (Issue #2110)
  • Delete deprecated MetaInfo::TYPE_* (Issue #2170)

ndn-cxx v0.3.0 (changes since version 0.2.0)

Release date: February 2, 2015

New features:

  • Build
    • The code now requires C++11. The minimum supported gcc version is 4.6, as earlier versions do not have proper support for C++11 features.
  • Base
    • Enable detailed version information when built from shallow clone or tarball (Issue #1915)
    • Make default transport configurable (Issue #2189)
    • Add ability to do partial Name comparison (Issue #2090)
  • Security
    • Add support for KeyDigest key locator (Issue #1426)
    • Add a method to get KeyDigest from a PublicKey instance (Issue #1964)
    • Add support for KeyChain to sign Interest using SHA256 digest (Issue #2218)
    • Add ndnsec-dsk-gen tool to generate a pair of Data-Signing-Key (DSK) for the specified identity (Issue #2246)
    • Pair-up PIB and TPM in KeyChain: PIB remembers the last used TPM type/location, which is used during KeyChain construction (unless overriden) (Issue #2242)
  • Wire encoding
    • Add support for application-defined meta information blocks (Issue #2021)
    • Introduce new name::Component::is* methods to allow checking if the name component follows the specific naming convention without relying on the exception handling (Issue #2088)
    • Add definition of producer-generated NACK (Issue #2111)
    • Add std::hash<Name> specialization to support unordered_map container (Issue #2147)
    • Add support for ImplicitSha256DigestComponent (Issue #1640)
    • Allow tagging Interest and Data packets with arbitrary information (Issue #2336)
  • Management
  • Miscellaneous tools
    • Add a new helper to calculate digests over dynamic inputs (Issue #1934)
    • Add DNS resolver helper (Issue #1918)
    • Import and re-license Ethernet and FaceUri classes from NFD codebase, add FaceUri canonization support for udp, tcp, and ether schemas (Issue #1994)
    • Add per-application in-memory storage with LRU, LFU, and FIFO replacement policies (Issue #1940)
    • Add ability to specialize system and steady clocks (e.g., for unit tests and simulation purposes) (Issue #2158)
    • Expose DummyClientFace as public API
    • New IndentedStream helper class to simplify writing to streams with the specified indents or prefixes (Issue #2238)
    • New Signal class template as an enhanced version of the deprecated EventEmitter (Issue #2279)
    • New scheduler::ScopedEventId helper to automatically cancel scheduled events upon destruction (Issue #2442)
    • New NetworkMonitor helper to detect network state changes (Issue #2443)

Updates and bug fixes:

  • Base
    • Prevent flags being set for rib/unregister command (Issue #1945)
    • Fix segfault caused by Face::unregisterPrefix when registeredPrefixId does not exist
    • Add explicit internal KeyChain to Face class. KeyChain previously existed in the Face as part of NFD controller class. (Issue #2039)
    • Properly disable assertions in release builds (Issue #2135)
    • Connect to Transport during construction of Face instance (Issue #2318)
  • Wire encoding
    • Fix segfault when decoding empty Exclude element (Issue #1970)
    • Provide EqualityComparable concept for Exclude element
    • Correct Marker in Name::appendVersion() (Issue #2086)
    • Ensure that wire-encoding errors are inherited from tlv::Error (Issue #1983)
  • Management
    • Replace FaceFlags with individual fields in face management data structures (Issue #1992)
    • ndn::nfd::Controller extended to allow generating ControlCommand for remote prefix registration (Issue #2039)
    • Change ForwarderStatus.NfdVersion to string (Issue #2003)
  • Security
    • Fix ndnsec-cert-gen to correctly infer prefix before KEY component (Issue #2052)
    • Help message corrections in ndnsec-cert-dump, ndnsec-cert-gen, and ndnsec-key-gen (Issue #2052)
    • Accept --sign-id and --cert-prefix in ndnsec-cert-revoke (Issue #2058)
    • Changes output format of ndnsec-cert-revoke to base64 encoding (Issue #2059)
    • Add a new (safer) option to ndnsec-cert-gen allowing inclusion of additional information blocks into the certificate. The new --signed-info parameter makes minimum assumptions, treating text before first space as OID and the rest as the associated string with this OID.
    • Make Face optional in Validator class (Issue #2124)
    • Display signature information when printing a certificate (Issue #2196)
    • Handle certificate decoding error in validation process (Issue #2212)
    • Fix segmentation fault in ndnsec-sign-req (Issue #2211)
    • Allow verbose option in ndnsec-list (Issue #2197)
    • Allow generation of DSK using ndnsec-key-gen (Issue #2247)
    • Allow ndnsec-key-gen to generate ECDSA keys (Issue #2248)
    • Fix memory leak in SecPublicInfoSqlite3 (Issue #2253)
    • Properly report status of ndnsec-delete execution (Issue #2275)
  • Miscellaneous tools
    • Fix incorrect tag map in tlvdump tool
    • Change to default resolver behavior in util::dns::Resolver (Issue #2415)
  • Documentation
    • Update of tutorials and installation instructions
    • Rename manpage of client.conf to ndn-client.conf (Issue #1967)
    • Updated and extended ndn-cxx code style:
      • add rules for some C++11 constructs
      • prefer BOOST_ASSERT and static_assert
    • Improve example applications (Issue #1976)
  • Tests
    • Improve security unit test cases (Issue #1683)
    • Embedding CI build and test running scripts into the repository
    • Partial unit test coverage for Face class (previously covered only by integration tests) (Issue #1947)
    • Improve stability of unit tests by using UnitTestTime (wall clock independent time) (Issue #2152)
  • Build
    • Redesign the way default compiler flags are determined (Issue #2209)
    • Support tools and examples with multiple translation units (Issue #2344)
    • Disable installation of internal headers and headers of the disabled components (Issue #2266, and Issue #2269)
    • Enable conditional compilation based on presence of getpass() function
  • Other minor fixes and corrections


  • ndn::ptr_lib and ndn::func_lib namespace aliases
  • The following nfd::Controller methods:
    • Controller::start overloads, except the overload taking CommandOptions
    • Controller::Sign typedef
    • Controller::getDefaultCommandTimeout
    • ControlCommand::getPrefix
    • ControlCommand::getRequestName(ControlParameters)
    • Controller::Controller(Face&)
  • MetaInfo::TYPE_* constants
  • EventEmitter is deprecated in favor of Signal


  • FaceFlags APIs (Issue #1992)
  • ControlCommand::makeCommandInterest (Issue #2008)
  • namespace ndn::Tlv (Issue #2079)
  • shared_ptr<io_service> constructor and getter in Face class
  • tlv::ConentType (typo in the name)
  • Selectors::Selectors(int, int, Exclude, int, bool) constructor
  • Interest::Interest(Name, int, int, Exclude, int, bool, int, time::milliseconds, uint32_t) constructor
  • signature-sha256.hpp file
  • unused encryption-manager.hpp file
  • unused openssl dependency

ndn-cxx v0.2.0 (changes since version 0.1.0)

Release date: August 25, 2014

New features:

Updates and bug fixes:

  • Base

  • Wire encoding

    • Nonce field is now encoded as 4-byte uint8_t value, as defined by NDN-TLV spec.

    • Optimized Data packet signing

      KeyChain::sign() method now pre-allocates EncodingBuffer, requests unsigned portion of Data using Data::wireEncode(EncodingBuffer, true), and then appends the resulting signature and prepends Data packet header. This way there is no extra memory allocation after Data packet is signed.

    • Optimized implicit digest calculation in Interest::matchesData() method (Issue #1769)

  • Management

    • Add link-layer byte counts in FaceStatus data structure (Issue #1765)
  • Security

  • Miscellaneous tools

    • Redefine method for random number generation: random::generateWord* and random::generateSecureWord* to generate cryptographically non-secure (fast) and secure (slow) random numbers.
  • Other minor fixes and corrections


  • SignatureSha256 class, use DigestSha256 instead.

  • All Face constructors that accept shared_ptr<io_service>.

    Use versions that accept reference to io_service object.

  • Face::ioService method, use Face::getIoService() instead.

  • Interest constructor that accepts name, individual selectors, and individual guiders as constructor parameters.

    Use Interest().setX(...).setY(...) or use the overload taking Selectors

  • name::Component::toEscapedString method, use name::Component::toUri() instead.

  • SecPublicInfo::addPublicKey method, use SecPublicInfo::addKey() instead.

  • Tlv::ConentType constant (typo), use Tlv::ContentType instead.

  • CommandInterestGenerator and CommandInterestValidator utility classes. ValidatorConfig should be used instead.


  • support of ndnd-tlv (only NFD management protocol is supported now)

  • SecPublicInfoMemory and SecTpmMemory classes that were no longer used

  • Removing concept of periodic event from Scheduler.

    In applications, periodic events should be just re-scheduled within the callback for single-shot events.

ndn-cxx v0.1.0

Release date: May 7, 2014

Version 0.1.0 is the initial release of ndn-cxx, an NDN C++ library with eXperimental eXtensions.

Originally based on ndn-cpp library the ndn-cxx library adopts a slightly different design philosophy (including an extensive use of Boost libraries to facilitate development, as well as the use of Crypto++ library to support cryptographic operations), and includes a number of extensions that aim to simplify NDN application development.

The current features include:

  • Base

    • Fully asynchronous, event-driven communication model, which is implemented using Boost.Asio

    • Single-threaded, but thread-safe Face operations

      A single Face object can be safely used in multiple threads to express Interests and publish Data packets

    • Explicit time management for NDN operations using Boost.Chrono

    • Simplified and extended NDN API

    • Extensive set of unit-tests based on Boost.Test framework

      • Continuous integration using an in-house installation of Jenkins build bots and the hosted Travis CI continuous integration service compile and verify correctness of the library for each commit
  • Wire format

    • Full support of NDN-TLV packet format v0.1

    • Pure C++ implementation of wire encoding/decoding with simple access to wire format of all NDN packet abstractions via wireEncode and wireDecode methods

      In many cases, NDN packet abstractions are just “indices” to the wire format

  • Communication with the forwarder

    • Enable connecting to local forwarder via UNIX and TCP transports and to remote forwarders using TCP transport
    • Full support for communication with Named Data Networking Forwarding Daemon (NFD)
      • Full support for NFD management protocols to NFD status information, create and manage NFD Faces, receive NFD Face status change notifications, update StrategyChoice for namespaces, and manage routes in RIB
      • Support for LocalControlHeader to implement special NDN applications that need low-level control of NDN packet forwarding
  • Security support

    • A set of security primitives to allowing implementation of secure NDN applications in a simplified manner
      • KeyChain: provides simple interfaces of packet signing, and key and certificate management
      • ValidatorConfig: validator that implements trust model defined in a configuration file
      • CommandInterestGenerator and CommandInterestValidator: convenient helpers to produce and validate command interests, while preventing potential replay attacks
    • Several implementations of trusted platform modules to securely manage private keys
      • SecTpmOsx: TPM based on OSX KeyChain (OSX-specific)
      • SecTpmFile: TPM that uses file-based access control to protect keys (cross-platform)
    • Extensive set of security command-line tools to manage security identities and certificates
      • Generating private/public keys
      • Issuing certificates
      • Exporting/importing identities
      • Managing default security settings
  • Miscellaneous tools

    • Scheduler to support delayed time operations
    • NDN regular expressions
    • Simple config file to alter various aspects of the library
    • tlvdump: a simple tool to visualize TLV-encoded blocks