ndn-cxx Release Notes

ndn-cxx version 0.3.3 (changes since version 0.3.2)

Release date: July 1, 2015

New features:

  • Allow compilation of ndn-cxx as a shared library (Issue #2243)

    In this release, by default, only a static library is compiled. The next release will change the default behavior to compile only a shared library.

  • Introduce concept of PartialName (Issue #1962)

    Semantically, PartialName abstraction represents an arbitrary sequence of name components, while Name represents an absolute name. Currently, PartialName is typedef alias to Name, but it can be changed in the future releases.

  • Introduce generalized signing API in KeyChain (Issue #2871, Issue #1705)

    A new API in KeyChain introduces a general interface to sign interest and data packets and supply necessary signing information, such as signing identity name, signing key name, or signing certificate name. In addition, the supplied signing information can include additional information that signer wants to include in the SignatureInfo of the signed packet.

  • Introduce helpers to create SigningInfo for the generalized signing API (Issue #2922)

  • Sqlite3Statement utility helper that wraps an SQLite3 statements and provide automatic memory cleanup

  • Introduce PibSqlite3 based on PibImpl (Issue #2807)

  • Make public interface of Pib, Identity, and Key as read-only (Issue #2928)

  • New encoding block helpers to simplify operations with std::string (Issue #2951):

    • prependStringBlock
    • makeStringBlock
    • readString

Improvements and bug fixes:

  • Use C++11 lambda expression and smart pointers in Face implementation (Issue #2112)
  • Fix compilation failure on OS X 10.10 with cryptopp from MacPorts
  • Update client.conf manpage
  • Change Name::compare to return negative, zero, or positive integer (instead of strictly -1, 0, 1) when the first name comes before the other in canonical ordering, is equal, or comes after (Issue #2445)
  • IdentityCertificate sets default FreshnessPeriod to 1 hour (Issue #2872)
  • Unify TPM creation (Issue #2722)
  • Allow negative start index in Name::getSubName method (Issue #1962)
  • Improved documentation of PibImpl interfaces (Issue #2896, Issue #2898)
  • Simplify CommandOptions with SigningInfo (Issue #2893)
  • Refactor internal PIT to use scheduled events (Issue #1372, Issue #2518)
  • Improve structure and documentation of block helpers (Issue #2951)
  • Declare all move constructors as noexcept to ensure move operations are used even when a restrictive move operation (move_if_noexcept) is used (e.g., in STL library’s containers) (Issue #2966)


  • The following KeyChain::sign* methods, in favor of generalized KeyChain::sign(..., SigningInfo)
    • KeyChain::sign(Packet, Name)
    • KeyChain::sign(uint8_t*, size_t, Name)
    • KeyChain::signByIdentity(Packet, Name)
    • KeyChain::signByIdentity(uint8_t*, size_t, Name)
    • KeyChain::signWithSha256(Data)
    • KeyChain::signWithSha256(Interest)
  • The following encoding block helper functions:
    • nonNegativeIntegerBlock (use makeNonNegativeIntegerBlock)
    • prependBooleanBlock (use prependEmptyBlock)
    • booleanBlock (use makeEmptyBlock)
    • dataBlock (use makeBinaryBlock)
    • nestedBlock (use makeNestedBlock)
  • The following methods of CommandOptions class, use setSigningInfo() instead (:refs:`2893`):
    • CommandOptions::getSigningParamsKind
    • CommandOptions::getSigningIdentity
    • CommandOptions::getSigningCertificate
    • CommandOptions::setSigningDefault
    • CommandOptions::setSigningIdentity
    • CommandOptions::setSigningCertificate


  • Remove SCOPE from Interests and all references to it in the related code (Issue #2345)

  • Direct FIB management in Face class (Issue #2533)

    Face::register and Face::setInterestFilter methods now only support NFD RIB management protocol.

    For special needs, FIB management can be implemented using nfd::Controller (start<FibAddNextHopCommand>, and start<FibRemoveNextHopCommand>)

Upcoming features (partially finished in development branches):

ndn-cxx version 0.3.2 (changes since version 0.3.1)

Release date: May 12, 2015

New features:

  • Add Link abstraction (Issue #2587)
  • Add Link and SelectedDelegation fields to the Interest abstraction (Issue #2587)
  • Initial implementation of several components for the upcoming PIB feature (Issue #2451):
    • User-facing PIB implementation and implementation-specific PIB interface
    • In-memory PIB implementation
    • Define new abstraction for identity, key, and certificate

Updates and bug fixes:


  • Block::fromBuffer overloads with output parameter (Issue #2553)


  • Delete deprecated Controller functions:
    • Controller::start overloads, except the overload taking CommandOptions
    • Controller::Sign typedef
    • Controller::getDefaultCommandTimeout
    • ControlCommand::getPrefix
    • ControlCommand::getRequestName(ControlParameters)
    • Controller::Controller(Face&)

ndn-cxx version 0.3.1 (changes since version 0.3.0)

Release date: March 3, 2015

New features:

Updates and bug fixes:

  • Wire encoding
  • Miscellaneous tools
    • Mark Digest<Hash>::operator== as unsuitable in a security sensitive context (Issue #2395)
    • Restrict destruction of Signal from handler (Issue #2313)
  • Documentation
    • Correct function names in security library tutorial (Issue #2474)
    • Remind users to reinstall ports after OSX upgrade (Issue #2284)
  • Tests
    • Fix global buffer overflow in ImplicitSha256Digest test case (Issue #2307)
    • Change naming conventions for unit test files and test suite names (Issue #2497)
  • Build
    • Explicitly define _GLIBCXX_USE_NANOSLEEP, necessary for gcc < 4.8 in some environments (Issue #2499)


  • Delete deprecated Block(std::istream&) constructor (Issue #2241)
  • Delete deprecated ndn::ptr_lib, ndn::func_lib (Issue #2110)
  • Delete deprecated MetaInfo::TYPE_* (Issue #2170)

ndn-cxx version 0.3.0 (changes since version 0.2.0)

Release date: February 2, 2015

New features:

  • Build
    • The code now requires C++11. The minimum supported gcc version is 4.6, as earlier versions do not have proper support for C++11 features.
  • Base
    • Enable detailed version information when built from shallow clone or tarball (Issue #1915)
    • Make default transport configurable (Issue #2189)
    • Add ability to do partial Name comparison (Issue #2090)
  • Security
    • Add support for KeyDigest key locator (Issue #1426)
    • Add a method to get KeyDigest from a PublicKey instance (Issue #1964)
    • Add support for KeyChain to sign Interest using SHA256 digest (Issue #2218)
    • Add ndnsec-dsk-gen tool to generate a pair of Data-Signing-Key (DSK) for the specified identity (Issue #2246)
    • Pair-up PIB and TPM in KeyChain: PIB remembers the last used TPM type/location, which is used during KeyChain construction (unless overriden) (Issue #2242)
  • Wire encoding
    • Add support for application-defined meta information blocks (Issue #2021)
    • Introduce new name::Component::is* methods to allow checking if the name component follows the specific naming convention without relying on the exception handling (Issue #2088)
    • Add definition of producer-generated NACK (Issue #2111)
    • Add std::hash<Name> specialization to support unordered_map container (Issue #2147)
    • Add support for ImplicitSha256DigestComponent (Issue #1640)
    • Allow tagging Interest and Data packets with arbitrary information (Issue #2336)
  • Management
  • Miscellaneous tools
    • Add a new helper to calculate digests over dynamic inputs (Issue #1934)
    • Add DNS resolver helper (Issue #1918)
    • Import and re-license Ethernet and FaceUri classes from NFD codebase, add FaceUri canonization support for udp, tcp, and ether schemas (Issue #1994)
    • Add per-application in-memory storage with LRU, LFU, and FIFO replacement policies (Issue #1940)
    • Add ability to specialize system and steady clocks (e.g., for unit tests and simulation purposes) (Issue #2158)
    • Expose DummyClientFace as public API
    • New IndentedStream helper class to simplify writing to streams with the specified indents or prefixes (Issue #2238)
    • New Signal class template as an enhanced version of the deprecated EventEmitter (Issue #2279)
    • New scheduler::ScopedEventId helper to automatically cancel scheduled events upon destruction (Issue #2442)
    • New NetworkMonitor helper to detect network state changes (Issue #2443)

Updates and bug fixes:

  • Base
    • Prevent flags being set for rib/unregister command (Issue #1945)
    • Fix segfault caused by Face::unregisterPrefix when registeredPrefixId does not exist
    • Add explicit internal KeyChain to Face class. KeyChain previously existed in the Face as part of NFD controller class. (Issue #2039)
    • Properly disable assertions in release builds (Issue #2135)
    • Connect to Transport during construction of Face instance (Issue #2318)
  • Wire encoding
    • Fix segfault when decoding empty Exclude element (Issue #1970)
    • Provide EqualityComparable concept for Exclude element
    • Correct Marker in Name::appendVersion() (Issue #2086)
    • Ensure that wire-encoding errors are inherited from tlv::Error (Issue #1983)
  • Management
    • Replace FaceFlags with individual fields in face management data structures (Issue #1992)
    • ndn::nfd::Controller extended to allow generating ControlCommand for remote prefix registration (Issue #2039)
    • Change ForwarderStatus.NfdVersion to string (Issue #2003)
  • Security
    • Fix ndnsec-cert-gen to correctly infer prefix before KEY component (Issue #2052)
    • Help message corrections in ndnsec-cert-dump, ndnsec-cert-gen, and ndnsec-key-gen (Issue #2052)
    • Accept --sign-id and --cert-prefix in ndnsec-cert-revoke (Issue #2058)
    • Changes output format of ndnsec-cert-revoke to base64 encoding (Issue #2059)
    • Add a new (safer) option to ndnsec-cert-gen allowing inclusion of additional information blocks into the certificate. The new --signed-info parameter makes minimum assumptions, treating text before first space as OID and the rest as the associated string with this OID.
    • Make Face optional in Validator class (Issue #2124)
    • Display signature information when printing a certificate (Issue #2196)
    • Handle certificate decoding error in validation process (Issue #2212)
    • Fix segmentation fault in ndnsec-sign-req (Issue #2211)
    • Allow verbose option in ndnsec-list (Issue #2197)
    • Allow generation of DSK using ndnsec-key-gen (Issue #2247)
    • Allow ndnsec-key-gen to generate ECDSA keys (Issue #2248)
    • Fix memory leak in SecPublicInfoSqlite3 (Issue #2253)
    • Properly report status of ndnsec-delete execution (Issue #2275)
  • Miscellaneous tools
    • Fix incorrect tag map in tlvdump tool
    • Change to default resolver behavior in util::dns::Resolver (Issue #2415)
  • Documentation
    • Update of tutorials and installation instructions
    • Rename manpage of client.conf to ndn-client.conf (Issue #1967)
    • Updated and extended ndn-cxx code style:
      • add rules for some C++11 constructs
      • prefer BOOST_ASSERT and static_assert
    • Improve example applications (Issue #1976)
  • Tests
    • Improve security unit test cases (Issue #1683)
    • Embedding CI build and test running scripts into the repository
    • Partial unit test coverage for Face class (previously covered only by integration tests) (Issue #1947)
    • Improve stability of unit tests by using UnitTestTime (wall clock independent time) (Issue #2152)
  • Build
    • Redesign the way default compiler flags are determined (Issue #2209)
    • Support tools and examples with multiple translation units (Issue #2344)
    • Disable installation of internal headers and headers of the disabled components (Issue #2266, and Issue #2269)
    • Enable conditional compilation based on presence of getpass() function
  • Other minor fixes and corrections


  • ndn::ptr_lib and ndn::func_lib namespace aliases
  • The following nfd::Controller methods:
    • Controller::start overloads, except the overload taking CommandOptions
    • Controller::Sign typedef
    • Controller::getDefaultCommandTimeout
    • ControlCommand::getPrefix
    • ControlCommand::getRequestName(ControlParameters)
    • Controller::Controller(Face&)
  • MetaInfo::TYPE_* constants
  • EventEmitter is deprecated in favor of Signal


  • FaceFlags APIs (Issue #1992)
  • ControlCommand::makeCommandInterest (Issue #2008)
  • namespace ndn::Tlv (Issue #2079)
  • shared_ptr<io_service> constructor and getter in Face class
  • tlv::ConentType (typo in the name)
  • Selectors::Selectors(int, int, Exclude, int, bool) constructor
  • Interest::Interest(Name, int, int, Exclude, int, bool, int, time::milliseconds, uint32_t) constructor
  • signature-sha256.hpp file
  • unused encryption-manager.hpp file
  • unused openssl dependency

ndn-cxx version 0.2.0 (changes since version 0.1.0)

Release date: August 25, 2014

New features:

Updates and bug fixes:

  • Base

  • Wire encoding

    • Nonce field is now encoded as 4-byte uint8_t value, as defined by NDN-TLV spec.

    • Optimized Data packet signing

      KeyChain::sign() method now pre-allocates EncodingBuffer, requests unsigned portion of Data using Data::wireEncode(EncodingBuffer, true), and then appends the resulting signature and prepends Data packet header. This way there is no extra memory allocation after Data packet is signed.

    • Optimized implicit digest calculation in Interest::matchesData() method (Issue #1769)

  • Management

    • Add link-layer byte counts in FaceStatus data structure (Issue #1765)
  • Security

  • Miscellaneous tools

    • Redefine method for random number generation: random::generateWord* and random::generateSecureWord* to generate cryptographically non-secure (fast) and secure (slow) random numbers.
  • Other minor fixes and corrections


  • SignatureSha256 class, use DigestSha256 instead.

  • All Face constructors that accept shared_ptr<io_service>.

    Use versions that accept reference to io_service object.

  • Face::ioService method, use Face::getIoService() instead.

  • Interest constructor that accepts name, individual selectors, and individual guiders as constructor parameters.

    Use Interest().setX(...).setY(...) or use the overload taking Selectors

  • name::Component::toEscapedString method, use name::Component::toUri() instead.

  • SecPublicInfo::addPublicKey method, use SecPublicInfo::addKey() instead.

  • Tlv::ConentType constant (typo), use Tlv::ContentType instead.

  • CommandInterestGenerator and CommandInterestValidator utility classes. ValidatorConfig should be used instead.


  • support of ndnd-tlv (only NFD management protocol is supported now)

  • SecPublicInfoMemory and SecTpmMemory classes that were no longer used

  • Removing concept of periodic event from Scheduler.

    In applications, periodic events should be just re-scheduled within the callback for single-shot events.

ndn-cxx version 0.1.0

Release date: May 7, 2014

Version 0.1.0 is the initial release of ndn-cxx, an NDN C++ library with eXperimental eXtensions.

Originally based on ndn-cpp library the ndn-cxx library adopts a slightly different design philosophy (including an extensive use of Boost libraries to facilitate development, as well as the use of Crypto++ library to support cryptographic operations), and includes a number of extensions that aim to simplify NDN application development.

The current features include:

  • Base

    • Fully asynchronous, event-driven communication model, which is implemented using Boost.Asio

    • Single-threaded, but thread-safe Face operations

      A single Face object can be safely used in multiple threads to express Interests and publish Data packets

    • Explicit time management for NDN operations using Boost.Chrono

    • Simplified and extended NDN API

    • Extensive set of unit-tests based on Boost.Test framework

      • Continuous integration using an in-house installation of Jenkins build bots and the hosted Travis CI continuous integration service compile and verify correctness of the library for each commit
  • Wire format

    • Full support of NDN-TLV packet format v0.1

    • Pure C++ implementation of wire encoding/decoding with simple access to wire format of all NDN packet abstractions via wireEncode and wireDecode methods

      In many cases, NDN packet abstractions are just “indices” to the wire format

  • Communication with the forwarder

    • Enable connecting to local forwarder via UNIX and TCP transports and to remote forwarders using TCP transport
    • Full support for communication with Named Data Networking Forwarding Daemon (NFD)
      • Full support for NFD management protocols to NFD status information, create and manage NFD Faces, receive NFD Face status change notifications, update StrategyChoice for namespaces, and manage routes in RIB
      • Support for LocalControlHeader to implement special NDN applications that need low-level control of NDN packet forwarding
  • Security support

    • A set of security primitives to allowing implementation of secure NDN applications in a simplified manner
      • KeyChain: provides simple interfaces of packet signing, and key and certificate management
      • ValidatorConfig: validator that implements trust model defined in a configuration file
      • CommandInterestGenerator and CommandInterestValidator: convenient helpers to produce and validate command interests, while preventing potential replay attacks
    • Several implementations of trusted platform modules to securely manage private keys
      • SecTpmOsx: TPM based on OSX KeyChain (OSX-specific)
      • SecTpmFile: TPM that uses file-based access control to protect keys (cross-platform)
    • Extensive set of security command-line tools to manage security identities and certificates
      • Generating private/public keys
      • Issuing certificates
      • Exporting/importing identities
      • Managing default security settings
  • Miscellaneous tools

    • Scheduler to support delayed time operations
    • NDN regular expressions
    • Simple config file to alter various aspects of the library
    • tlvdump: a simple tool to visualize TLV-encoded blocks