5.2 NuGet Basics

This page explains what NuGet is and how to create packages for native libraries.

What is NuGet?

NuGet is the package manager for .NET - comparable to:

npm for JavaScript
pip for Python
Maven for Java

A NuGet package (.nupkg) contains:

Compiled DLLs
Metadata (name, version, author)
Native libraries (optional)

Why a NuGet Package?

Without NuGet	With NuGet
—————	————
Copy DLLs manually	`dotnet add package …`
Manage versions manually	Automatic updates
Each project separately	Central repository

Package Structure for Native Libraries

NuGet supports native DLLs via runtimes/:

MyPackage.1.0.0.nupkg/
├── lib/
│   └── net8.0/
│       └── MyPackage.dll        # .NET Wrapper
├── runtimes/
│   ├── win-x64/
│   │   └── native/
│   │       ├── libcrypto-3-x64.dll
│   │       └── libssl-3-x64.dll
│   └── linux-x64/
│       └── native/
│           ├── libcrypto.so.3
│           └── libssl.so.3
└── MyPackage.nuspec

Simple .nuspec Example

Create a file OpenSsl.Native.nuspec:

<?xml version="1.0"?>
<package>
  <metadata>
    <id>OpenSsl.Native</id>
    <version>3.6.0</version>
    <authors>Your Name</authors>
    <description>OpenSSL 3.6.0 Native Libraries with Post-Quantum Support</description>
    <tags>openssl cryptography post-quantum ml-dsa ml-kem</tags>
  </metadata>
  <files>
    <!-- Windows x64 -->
    <file src="win-x64\libcrypto-3-x64.dll" target="runtimes\win-x64\native\" />
    <file src="win-x64\libssl-3-x64.dll" target="runtimes\win-x64\native\" />
 
    <!-- Linux x64 -->
    <file src="linux-x64\libcrypto.so.3" target="runtimes\linux-x64\native\" />
    <file src="linux-x64\libssl.so.3" target="runtimes\linux-x64\native\" />
  </files>
</package>

Create Package

1. Prepare Files

# Create directory structure
mkdir nuget-package
mkdir nuget-package\win-x64
mkdir nuget-package\linux-x64
 
# Copy DLLs
copy "D:\Projects\openssl-3.6.0\bin\bin\libcrypto-3-x64.dll" nuget-package\win-x64\
copy "D:\Projects\openssl-3.6.0\bin\bin\libssl-3-x64.dll" nuget-package\win-x64\
 
# Create .nuspec (see above)

2. Build Package

cd nuget-package
 
# Install NuGet CLI (if not present)
winget install Microsoft.NuGet
 
# Create package
nuget pack OpenSsl.Native.nuspec
 
# Result: OpenSsl.Native.3.6.0.nupkg

Local NuGet Feed

For internal use you can set up a local NuGet feed:

1. Create Feed Folder

mkdir C:\NuGetFeed
copy OpenSsl.Native.3.6.0.nupkg C:\NuGetFeed\

2. Register Feed in NuGet.config

Create NuGet.config in project folder:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
    <add key="LocalFeed" value="C:\NuGetFeed" />
  </packageSources>
</configuration>

3. Use Package

dotnet add package OpenSsl.Native --version 3.6.0 --source C:\NuGetFeed

With .NET SDK Pack

Alternatively you can pack directly from .csproj:

<Project Sdk="Microsoft.NET.Sdk">
  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
    <PackageId>OpenSsl.Native</PackageId>
    <Version>3.6.0</Version>
    <Authors>Your Name</Authors>
    <Description>OpenSSL 3.6.0 Native Libraries</Description>
    <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
  </PropertyGroup>
 
  <ItemGroup>
    <None Include="runtimes\**\*" Pack="true" PackagePath="runtimes\" />
  </ItemGroup>
</Project>

Then:

dotnet pack -c Release

Network Feed Setup

For teams: Feed on network drive

Server Side

# Create share (as Admin)
New-SmbShare -Name "NuGetFeed" -Path "D:\NuGetFeed" -ReadAccess "Everyone"

Client Side

<!-- NuGet.config -->
<configuration>
  <packageSources>
    <add key="InternalFeed" value="\\server\NuGetFeed" />
  </packageSources>
</configuration>

Tips

Versioning:

Semantic Versioning: MAJOR.MINOR.PATCH
OpenSSL 3.6.0 → Package 3.6.0
Own fixes → 3.6.0.1, 3.6.0.2

No secrets in packages!

No API keys
No private keys
No passwords in configurations

Continue to

Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional