This text describes the steps needed to build GnuPG for Win32 using MinGW in a native Win32 environment, without cross-compiling from a Linux system. These instructions refer to GnuPG 1.4.13 [I know, some images show 1.4.0, or even 1.2.6, but I am too lazy to recreate them every time... ;-)], but maybe they can also be applied, with some modification, to all the other 1.x versions since 1.2.0. Of course, I can't say anything about the future versions since (and including) 1.5.0...
In principle, with a similar procedure, it should also be possible to build GnuPG for Win64 using mingw-w64. Unfortunately, I have no access to a Win64 machine, and therefore I cannot test this possibility to describe in details the procedure.
Of course, this is just the description of the procedure I followed to build GnuPG for Win32. Probably it can be improved in some places. It is not sure that this procedure will work on your machines like it worked on mine and that it will not create you any problem. All that I can say is in the title of this page: following this procedure, "on my PC it worked, on yours I don't know". If you find errors of any kind in this text, please feel free to point them out to me.
Now, if you are not completely sure of what you are doing and/or you have doubts of any kind about the correctness of the obtained result, my suggestion is to avoid the "home-made" builds and to use the official binaries found on GnuPG web site.
If, on the contrary, you arrived up to this point in the text and you still want to try, then take a long breath, count up to 10, repeat loudly the English alphabet from "z" to "a" a couple of times, think to it again and, if you are still sure, then... well... in the following there are all the instructions you need!
Before starting, the author of this page wants to thank TJL73 who tested on his machine the correctness and completeness of the following procedure. The subtitle then can be read as "on our PCs it worked, on yours I don't know"... ;-)
The author wants to thank as well Joe Vender and Maxine Brandt, for their help in solving the compatibility problems between GnuPG and the external libraries for Win32, Tom Pegios, for his suggestions about a simpler way to remove debugging symbols, about statically linking libcurl and about the possibility to use mingw-w64, PIK, for pointing to my attention the existence of the TDM version of GCC for MinGW and for many discussions on the options to be passed to GCC to better optimize the code for different architectures, and Michel Nallino aka WinTerMiNator who, beside taking care of the French version of the page, gave also many suggestions to make its contents much more clear and complete even in the other languages... ;-)
These are the instructions. Good luck!
1.1) Go to the website http://sourceforge.net/projects/mingw/files/Installer/mingw-get-inst/ and download the last version of the installer (version 20111118 now when I am writing).
1.2) Start the installer, setting the destination to a folder with no spaces in the name (the default "C:\MinGW" is perfect). When asked about the "Repository catalogues", select "Download latest repository catalogues". In this way you will be sure to have the latest versions of the MinGW packages.
1.3) When selecting the packages to install, consider that only "C compiler" and "MSYS Basic System" are required to build GnuPG. Of course, you can install any other package you want.
1.4) Now you can run the MinGW Shell with the start menu icon.
1.5) At MinGW prompt, write "gcc -v" and press enter. If you see something similar to this figure:
then congratulations: GCC is working!
1.6) If you want to build a copy of GnuPG supporting other languages than English, you must download and install the additional MinGW packages "libiconv" and "gettext". Moreover, if you want to be able to perform the checks to test the newly built copy of GnuPG, you must download and install the additional package "msys-coreutils". To do so, you must write at MinGW prompt the command "mingw-get install libiconv gettext msys-coreutils" (you can limit the list to the sole packages you want to install) and press enter. The procedure should automatically download and install the required files.
Before starting the compilation, a small fix to GnuPG sources is required if you want to perform the checks.
2.1) If you have not yet done so, download the GnuPG 1.4.13 source (of course from http://www.gnupg.org). In the MinGW folder, there is a subfolder named "msys", with another subfolder "1.0", with another subfolder "home", with another subfolder named after your user name. You have to unpack GnuPG sources inside this last folder, with all the directory structure of the compressed file. If everything is OK, you will have another subfolder named "gnupg-1.4.13" with all the sources inside.
2.2) If you want to be able to perform the checks, open the file "seat.test" in the "checks" subfolder and go to line 9.
Change "$i y" into "z y" and add just before line 9 two new lines with the following commands: "cp $i z" and "unix2dos z". Save and close the file.
2.3) If you want, and ONLY if you know VERY WELL what you are doing, you can make a small change to the GnuPG source code to enable the creation of keys longer than 4096 bits. Such keys can be used by GnuPG, but their creation is disabled by default. Following NIST guidelines, a strength equivalent to a symmetric cipher with a 128 bit key (like AES-128) is provided by a RSA key with a length of 3072 bits. A strength equivalent to a symmetric cipher with a 256 bit key (like AES-256) is instead provided by a RSA key with a length of about 15000 bits. On this topic see also this page on Wikipedia. In other words, if one is using symmetric ciphers with 128 bit keys the limit of 4096 bits for the RSA keys is more than enough. However, if one is using symmetric ciphers with 256 bit keys it may be useful to create larger RSA keys. The modification to GnuPG sources is described on this page. To make it short, open the file "gpg.c" in the "g10" subfolder, go to line 1996 and change "32768" into "131072". Save and close the file. Then open the file "keygen.c", still in the "g10" subfolder, go to line 1575 and change "4096" into "65535". Save and close the file. Pay attention that for this change you are on your own, with all possible problems and incompatibilities. Pay also attention that, even if now GnuPG is able to create RSA keys with a length of 65535 bits, RSA keys larger than 16000-20000 bit are completely useless if used in combination with 256 bit symmetric ciphers (the maximum currently supported by GnuPG).
3.1) Now insert the following commands at a newly
started MinGW prompt:
a) cd gnupg-1.4.13
b) CFLAGS='-O2 -m32 -mtune=i386 -march=i386
-mfpmath=387 -mno-mmx -mno-sse -mno-3dnow -mno-sse2'
LDFLAGS='-s -static' ./configure --with-included-zlib
Other options can be added at the end of the "./configure" command line. E.g., it is possible to add "--enable-camellia" to enable the experimental support for the "Camellia" encryption algorithm. A list of all the possible options can be viewed with the command "./configure --help". With this procedure you will then obtain an executable which will be able to run on every i386 machine. If you want to enable special optimizations for your machine, you can change the parameters in the CFLAGS variable with the ones of your choice. E.g., for a Pentium 4 machine, you can specify:
CFLAGS='-O3 -m32 -march=pentium4 -mfpmath=sse'
or, for an Athlon-XP:
CFLAGS='-O3 -m32 -march=athlon-xp -mfpmath=sse'.
for recent Intel CPUs, a good choice may be one of the following:
CFLAGS='-O3 -m32 -march=pentium-m -mfpmath=sse'
CFLAGS='-O3 -m32 -march=core2 -mfpmath=sse'
for recent AMD CPUs, a good choice may be:
CFLAGS='-O3 -m32 -march=amdfam10 -mfpmath=sse'.
A compromise between old and new machines, probably, may be one of the following:
CFLAGS='-O3 -m32 -march=pentium2',
CFLAGS='-O3 -m32 -march=i686 -mmmx'.
More aggressive optimizations can be enabled by changing '-O3' into '-Ofast'.
For a complete list of all the parameters you can specify to trigger
special optimizations, you can look the GCC
user manual. Now, you will see many messages while all the
building parameters are set. At the end, you should see the message in the
figure below. If you do not see it, then there was some problem and you
should fix it before continuing.
c) make
You will see again many messages during the build process. If everything goes right you will see something similar to the figure below, otherwise the build process will stop with an error.
d) make check
This is not a mandatory step, but it is useful to check the everything
went right and that the newly built GnuPG works perfectly.
e) iconv -f LATIN1 -t cp850 po/it.po > po/it2.po
&& mv po/it2.po po/it.po && msgfmt -o po/it.gmo po/it.po
where "it" can be changed with the localization file of your choice (e.g.,
"fr" for French, "es" for Spanish, ecc.) and "cp850" must of course be
changed with the actual codepage (some sort of "character table") used by
your Windows version in the command prompt windows. The codepage 850 is the
one, so called, of Western Europe, and it is used by Italian versions. To
know the codepage used by your Windows version, open a command prompt window
and use the command "chcp". If you are interested in more than a GnuPG
localization, repeat this point "e" for all the localization files of your
choice. If you have skipped libiconv and gettext installation at point 1.6,
then you must skip also this point "e".
3.2) If everything went well without any errors, then you will find gpg.exe and gpgv.exe in the g10 subfolder, gpgkeys_hkp.exe, gpgkeys_ldap.exe, gpgkeys_finger.exe and gpgkeys_curl.exe in the keyserver subfolder and gpgsplit.exe in the tools subfolder. Now you can copy them in another folder (e.g. C:\GnuPG). If you performed the point "3.1e" above, copy there also the file libiconv-2.dll which can be found in C:\MinGW\bin changing its name in "iconv.dll". You can also copy the file "it.gmo" (or the one you created at point 3.1e above), which is in the "po" subfolder, in the folder of the GnuPG localization files (e.g. C:\GnuPG\gnupg.nls) renaming it as "it.mo". You can now follow the standard GnuPG installation procedure, described in the README-W32.txt file, creating the required registry keys.
