[openssl-users] FIPS compile issue with Perl on Windows

Jakob Bohm jb-openssl at wisemo.com
Tue Apr 19 13:16:13 UTC 2016

On 19/04/2016 13:44, Leaky wrote:
>> The Security Policy is quite specific on the requirements, which make no
>> allowance for the common sense (to a software engineer) fact that there
>> are equivalent multiple ways to accomplish each step (such as unzipping
>> the tarball). You are also specifically required to begin with the
>> official tarball. Per the Security Policy, you *must* do:
>>     gunzip -c openssl-fips-2.0.12.tar.gz | tar xf -
>> and *not* any functionally equivalent alternative such as:
>>     tar -zxf openssl-fips-2.0.12.tar.gz
> Thanks, but I am still scratching my head as to if that is even possible on
> Windows, which would mean you can't actually compile the FIPS canister on
> Windows and meet the security policy.
There are Windows ports of gzip, gunzip and tar.  For example in the CYGWIN
distribution (from https://cygwin.com) or MingW32 (those 2 are free), there
are also commercial versions such as MKS.

If you use the CYGWIN variant, but run under the Windows CMD shell, you 
have to crate a .CMD equivalent of the gunzip shell script. Instead of the
long winded code to output messages about what gunzip is, the following one
line file should do the trick (there is no lf or crlf at the end of the
line!), save this as gunzip.cmd somewhere on your PATH.

@x:\SOMEPATH\CYGWIN\bin\gzip.exe -d %*

(x:\DOMEPATH\CYGWIN is obviously whereever you installed CYGWIN)

Similarly create tar.cmd


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list