From: Zoltan Fridrich Date: Wed, 6 Apr 2022 13:33:32 +0000 (+0200) Subject: Remove 3DES from FIPS approved algorithms. X-Git-Tag: 3.7.5~22^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4f43efcd5a8fbdcf79f12cb98019d98629844091;p=thirdparty%2Fgnutls.git Remove 3DES from FIPS approved algorithms. According to the section 2 of SP800-131A Rev.2, 3DES algorithm will be disallowed for encryption after December 31, 2023: https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final Signed-off-by: Zoltan Fridrich
---
diff --git a/NEWS b/NEWS
index 32b1e0dd2c..5957286d7d 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,11 @@ See the end for copying conditions. * Version ?.?.? (released ????-??-??) +** libgnutls: Removed 3DES from FIPS approved algorithms (#1353). + According to the section 2 of SP800-131A Rev.2, 3DES algorithm + will be disallowed for encryption after December 31, 2023: + https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final + ** The configure arguments for Brotli and Zstandard (zstd) support have changed to reflect the previous help text: they are now --with-brotli/--with-zstd respectively (#1342).
diff --git a/lib/crypto-selftests.c b/lib/crypto-selftests.c
index 0a49e23b5e..57b50ac514 100644
--- a/lib/crypto-selftests.c
+++ b/lib/crypto-selftests.c
@@ -2715,7 +2715,7 @@ int gnutls_cipher_self_test(unsigned flags, gnutls_cipher_algorithm_t cipher) CASE(GNUTLS_CIPHER_AES_256_CBC, test_cipher, aes256_cbc_vectors); FALLTHROUGH; - CASE(GNUTLS_CIPHER_3DES_CBC, test_cipher, + NON_FIPS_CASE(GNUTLS_CIPHER_3DES_CBC, test_cipher, tdes_cbc_vectors); FALLTHROUGH; NON_FIPS_CASE(GNUTLS_CIPHER_ARCFOUR_128, test_cipher,
diff --git a/lib/fips.h b/lib/fips.h
index 2f0a808945..49ad1d9611 100644
--- a/lib/fips.h
+++ b/lib/fips.h
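Review bot: In lib/crypto-selftests.c the 3DES-CBC case switches to `NON_FIPS_CASE` without a comment recording why, so the rationale lives only in the commit message and NEWS. A short comment above the case, e.g. `/* 3DES-CBC is no longer FIPS-approved, see SP800-131A Rev.2 section 2 */`, would keep it next to the code. `NON_FIPS_CASE` is defined outside this hunk; if it skips the vectors whenever FIPS mode is on, it is worth confirming that 3DES cannot then be used in that mode without its known-answer test having run. The switch in gnutls_cipher_self_test continues outside the hunk.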
@@ -118,7 +118,6 @@ is_cipher_algo_approved_in_fips(gnutls_cipher_algorithm_t algo) case GNUTLS_CIPHER_AES_192_CBC: case GNUTLS_CIPHER_AES_128_CCM: case GNUTLS_CIPHER_AES_256_CCM: - case GNUTLS_CIPHER_3DES_CBC: case GNUTLS_CIPHER_AES_128_CCM_8: case GNUTLS_CIPHER_AES_256_CCM_8: case GNUTLS_CIPHER_AES_128_CFB8:
diff --git a/tests/dtls1-2-mtu-check.c b/tests/dtls1-2-mtu-check.c
index 49eead1479..f27929ba6e 100644
--- a/tests/dtls1-2-mtu-check.c
+++ b/tests/dtls1-2-mtu-check.c
@@ -205,7 +205,8 @@ void doit(void) dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1536", "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", 1536, 1483); dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA256", "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA256", 1500, 1423); - dtls_mtu_try("DTLS 1.2 with 3DES-CBC-HMAC-SHA1", "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+3DES-CBC:-MAC-ALL:+SHA1", 1500, 1451); + if (!gnutls_fips140_mode_enabled()) + dtls_mtu_try("DTLS 1.2 with 3DES-CBC-HMAC-SHA1", "NORMAL:%NO_ETM:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+3DES-CBC:-MAC-ALL:+SHA1", 1500, 1451); /* check non-CBC ciphers */ dtls_mtu_try("DTLS 1.2 with AES-128-GCM", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-GCM", 1500, 1463);
@@ -234,7 +235,8 @@ void doit(void) dtls_mtu_try("DTLS 1.2 with AES-128-CBC-HMAC-SHA1 - mtu:1518", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA1", 1518, 1455); dtls_mtu_try("DTLS 1.2/EtM with AES-128-CBC-HMAC-SHA256", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+AES-128-CBC:-MAC-ALL:+SHA256", 1500, 1423); - dtls_mtu_try("DTLS 1.2/EtM with 3DES-CBC-HMAC-SHA1", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+3DES-CBC:-MAC-ALL:+SHA1", 1500, 1455); + if (!gnutls_fips140_mode_enabled()) + dtls_mtu_try("DTLS 1.2/EtM with 3DES-CBC-HMAC-SHA1", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-CIPHER-ALL:+3DES-CBC:-MAC-ALL:+SHA1", 1500, 1455); gnutls_global_deinit(); }
diff --git a/tests/key-openssl.c b/tests/key-openssl.c
index 3903f97c7b..7800f23be6 100644
--- a/tests/key-openssl.c
+++ b/tests/key-openssl.c
@@ -115,6 +115,9 @@ void doit(void) int ret; gnutls_datum_t key; + if (gnutls_fips140_mode_enabled()) + exit(77); + ret = global_init(); if (ret < 0) fail("global_init: %d\n", ret);
diff --git a/tests/mini-overhead.c b/tests/mini-overhead.c
index 4496491884..9836ea5132 100644
--- a/tests/mini-overhead.c
+++ b/tests/mini-overhead.c
@@ -328,9 +328,11 @@ void doit(void) 65); /* 13 + 20(sha1) + 8(iv) + 8(max pad) */ - start - ("NONE:+VERS-DTLS1.0:+3DES-CBC:%NO_ETM:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", - 49); + if (!gnutls_fips140_mode_enabled()) + start + ("NONE:+VERS-DTLS1.0:+3DES-CBC:%NO_ETM:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA", + 49); + /* 13 + 16(tag) + 4(iv) */ start ("NONE:+VERS-DTLS1.2:+AES-128-GCM:%NO_ETM:+AEAD:+SIGN-ALL:+COMP-NULL:+RSA",
diff --git a/tests/pkcs11/gnutls_pcert_list_import_x509_file.c b/tests/pkcs11/gnutls_pcert_list_import_x509_file.c
index e553c29317..a4602a4ee9 100644
--- a/tests/pkcs11/gnutls_pcert_list_import_x509_file.c
+++ b/tests/pkcs11/gnutls_pcert_list_import_x509_file.c
@@ -149,6 +149,9 @@ void doit(void) unsigned int pcerts_size; char file[TMPNAME_SIZE]; + if (gnutls_fips140_mode_enabled()) + exit(77); + track_temp_files(); bin = softhsm_bin();
diff --git a/tests/pkcs11/gnutls_x509_crt_list_import_url.c b/tests/pkcs11/gnutls_x509_crt_list_import_url.c
index 869d7034fc..e395180a25 100644
--- a/tests/pkcs11/gnutls_x509_crt_list_import_url.c
+++ b/tests/pkcs11/gnutls_x509_crt_list_import_url.c
@@ -130,6 +130,9 @@ void doit(void) gnutls_x509_crt_t *crts; unsigned int crts_size, i; + if (gnutls_fips140_mode_enabled()) + exit(77); + bin = softhsm_bin(); lib = softhsm_lib();
diff --git a/tests/pkcs11/pkcs11-chainverify.c b/tests/pkcs11/pkcs11-chainverify.c
index e9865b62b9..0ad2efe927 100644
--- a/tests/pkcs11/pkcs11-chainverify.c
+++ b/tests/pkcs11/pkcs11-chainverify.c
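Review bot: The new `if (gnutls_fips140_mode_enabled()) exit(77);` at the top of doit() in tests/key-openssl.c skips the whole test in FIPS mode and gives no reason. Presumably the fixtures or the code path depend on 3DES, but nothing in the hunk says so, and every check in the test that does not need 3DES stops running under FIPS as well. A comment such as `/* skipped in FIPS mode: depends on 3DES, which is no longer approved */` would record the dependency, and where practical only the 3DES-dependent cases should be gated. The same unexplained guard is added in the tests/pkcs11/*.c hunks, tests/pkcs12_encode.c, tests/pkcs12_s2k_pem.c, tests/rsa-illegal-import.c and tests/tls13/post-handshake-with-cert-pkcs11.c, which takes these PKCS#11 and key-import tests out of FIPS runs entirely; doit() continues outside the hunk in each case.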
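Review bot: In tests/mini-overhead.c the new `if (!gnutls_fips140_mode_enabled())` guards a `start (...)` call that spans three lines, with no braces around it. Wrapping the call in `{` and `}` would make the extent of the condition unambiguous for the next edit to this list of cases. The existing comment `/* 13 + 20(sha1) + 8(iv) + 8(max pad) */` now sits above the `if`; a few added words noting that the 3DES case is skipped in FIPS mode would keep it accurate.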
@@ -78,6 +78,9 @@ void doit(void) gnutls_typed_vdata_st vdata[2]; char buf[128]; + if (gnutls_fips140_mode_enabled()) + exit(77); + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */
diff --git a/tests/pkcs11/pkcs11-combo.c b/tests/pkcs11/pkcs11-combo.c
index f12388c0f3..43189c479b 100644
--- a/tests/pkcs11/pkcs11-combo.c
+++ b/tests/pkcs11/pkcs11-combo.c
@@ -217,6 +217,9 @@ void doit(void) unsigned verify_status = 0; gnutls_datum_t tmp; + if (gnutls_fips140_mode_enabled()) + exit(77); + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */
diff --git a/tests/pkcs11/pkcs11-ec-privkey-test.c b/tests/pkcs11/pkcs11-ec-privkey-test.c
index 1b24c8150f..782ba00420 100644
--- a/tests/pkcs11/pkcs11-ec-privkey-test.c
+++ b/tests/pkcs11/pkcs11-ec-privkey-test.c
@@ -83,6 +83,9 @@ void doit(void) gnutls_pubkey_t pubkey4; unsigned i; + if (gnutls_fips140_mode_enabled()) + exit(77); + bin = softhsm_bin(); lib = softhsm_lib();
diff --git a/tests/pkcs11/pkcs11-get-issuer.c b/tests/pkcs11/pkcs11-get-issuer.c
index fd65f3d82b..b4df717ed5 100644
--- a/tests/pkcs11/pkcs11-get-issuer.c
+++ b/tests/pkcs11/pkcs11-get-issuer.c
@@ -85,6 +85,9 @@ void doit(void) gnutls_datum_t tmp; int idx = -1; + if (gnutls_fips140_mode_enabled()) + exit(77); + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */
diff --git a/tests/pkcs11/pkcs11-import-with-pin.c b/tests/pkcs11/pkcs11-import-with-pin.c
index 4a5efd2589..79cf187375 100644
--- a/tests/pkcs11/pkcs11-import-with-pin.c
+++ b/tests/pkcs11/pkcs11-import-with-pin.c
@@ -83,6 +83,9 @@ void doit(void) gnutls_privkey_t pkey; char file[TMPNAME_SIZE]; + if (gnutls_fips140_mode_enabled()) + exit(77); + bin = softhsm_bin(); lib = softhsm_lib();
diff --git a/tests/pkcs11/pkcs11-is-known.c b/tests/pkcs11/pkcs11-is-known.c
index cc874251e6..95b9c56d0d 100644
--- a/tests/pkcs11/pkcs11-is-known.c
+++ b/tests/pkcs11/pkcs11-is-known.c
@@ -352,6 +352,9 @@ void doit(void) gnutls_x509_crt_t intermediate, same_dn, same_issuer; gnutls_datum_t tmp; + if (gnutls_fips140_mode_enabled()) + exit(77); + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */
diff --git a/tests/pkcs11/pkcs11-obj-import.c b/tests/pkcs11/pkcs11-obj-import.c
index fd17ed0661..17c75a7e01 100644
--- a/tests/pkcs11/pkcs11-obj-import.c
+++ b/tests/pkcs11/pkcs11-obj-import.c
@@ -75,6 +75,9 @@ void doit(void) gnutls_datum_t tmp, tmp2; size_t buf_size; + if (gnutls_fips140_mode_enabled()) + exit(77); + bin = softhsm_bin(); lib = softhsm_lib();
diff --git a/tests/pkcs11/pkcs11-privkey-generate.c b/tests/pkcs11/pkcs11-privkey-generate.c
index d3ed905f6f..102cf4b292 100644
--- a/tests/pkcs11/pkcs11-privkey-generate.c
+++ b/tests/pkcs11/pkcs11-privkey-generate.c
@@ -85,6 +85,9 @@ void doit(void) unsigned flags; gnutls_pkcs11_obj_t obj; + if (gnutls_fips140_mode_enabled()) + exit(77); + ret = global_init(); if (ret != 0) { fail("%d: %s\n", ret, gnutls_strerror(ret));
diff --git a/tests/pkcs11/pkcs11-privkey.c b/tests/pkcs11/pkcs11-privkey.c
index 714614d997..a4217d4a12 100644
--- a/tests/pkcs11/pkcs11-privkey.c
+++ b/tests/pkcs11/pkcs11-privkey.c
@@ -129,6 +129,9 @@ void doit(void) gnutls_certificate_credentials_t cred; gnutls_datum_t tmp; + if (gnutls_fips140_mode_enabled()) + exit(77); + /* The overloading of time() seems to work in linux (ELF?) * systems only. Disable it on windows. */
diff --git a/tests/pkcs11/pkcs11-pubkey-import.c b/tests/pkcs11/pkcs11-pubkey-import.c
index 3ec1982c3a..57d0d59b72 100644
--- a/tests/pkcs11/pkcs11-pubkey-import.c
+++ b/tests/pkcs11/pkcs11-pubkey-import.c
@@ -75,6 +75,9 @@ static void try(int rsa) gnutls_pubkey_t pubkey; gnutls_pubkey_t pubkey2; + if (gnutls_fips140_mode_enabled()) + exit(77); + bin = softhsm_bin(); lib = softhsm_lib();
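Review bot: In tests/pkcs11/pkcs11-pubkey-import.c the FIPS guard is placed inside the helper `try(int rsa)` rather than at the top of doit(), unlike the other tests touched by this commit. It still ends the process with 77, but only after whatever doit() does before its first call to try(), which is outside the hunk. Moving `if (gnutls_fips140_mode_enabled()) exit(77);` to the start of doit() would make the skip independent of call order and consistent with the sibling tests.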
diff --git a/tests/pkcs11/pkcs11-rsa-pss-privkey-test.c b/tests/pkcs11/pkcs11-rsa-pss-privkey-test.c
index fd8afb5ea8..2d1d0932dc 100644
--- a/tests/pkcs11/pkcs11-rsa-pss-privkey-test.c
+++ b/tests/pkcs11/pkcs11-rsa-pss-privkey-test.c
@@ -96,6 +96,9 @@ void doit(void) gnutls_pubkey_t pubkey2; unsigned i, sigalgo; + if (gnutls_fips140_mode_enabled()) + exit(77); + bin = softhsm_bin(); lib = softhsm_lib();
diff --git a/tests/pkcs11/tls-neg-pkcs11-key.c b/tests/pkcs11/tls-neg-pkcs11-key.c
index 5cc1ae6e2e..25f08ac270 100644
--- a/tests/pkcs11/tls-neg-pkcs11-key.c
+++ b/tests/pkcs11/tls-neg-pkcs11-key.c
@@ -422,6 +422,9 @@ void doit(void) unsigned int i, have_eddsa; int ret; + if (gnutls_fips140_mode_enabled()) + exit(77); + #ifdef _WIN32 exit(77); #endif
diff --git a/tests/pkcs11/tls-neg-pkcs11-no-key.c b/tests/pkcs11/tls-neg-pkcs11-no-key.c
index ac098ba142..124378ded6 100644
--- a/tests/pkcs11/tls-neg-pkcs11-no-key.c
+++ b/tests/pkcs11/tls-neg-pkcs11-no-key.c
@@ -330,6 +330,9 @@ void doit(void) pid_t child; int status = 0; + if (gnutls_fips140_mode_enabled()) + exit(77); + /* check if softhsm module is loadable */ (void) softhsm_lib();
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
index 78f6f41b48..ea39f3d69e 100644
--- a/tests/pkcs12_encode.c
+++ b/tests/pkcs12_encode.c
@@ -116,6 +116,9 @@ void doit(void) int bag_encrypt_expected; } tests[2]; + if (gnutls_fips140_mode_enabled()) + exit(77); + ret = global_init(); if (ret < 0) { fprintf(stderr, "global_init %d", ret);
diff --git a/tests/pkcs12_s2k_pem.c b/tests/pkcs12_s2k_pem.c
index dc5093ccc4..49715a1b25 100644
--- a/tests/pkcs12_s2k_pem.c
+++ b/tests/pkcs12_s2k_pem.c
@@ -254,6 +254,9 @@ int main(void) size_t i; int ret; + if (gnutls_fips140_mode_enabled()) + exit(77); + global_init(); for (i = 0; i < sizeof(keys) / sizeof(keys[0]); i++) {
diff --git a/tests/rsa-illegal-import.c b/tests/rsa-illegal-import.c
index 6c629168f7..dd38aeabba 100644
--- a/tests/rsa-illegal-import.c
+++ b/tests/rsa-illegal-import.c
@@ -145,6 +145,9 @@ int check_pkcs8_privkey2(void) void doit(void) { + if (gnutls_fips140_mode_enabled()) + exit(77); + #if NETTLE_VERSION_MAJOR < 3 || (NETTLE_VERSION_MAJOR == 3 && NETTLE_VERSION_MINOR <= 2) /* These checks are enforced only on new versions of nettle */ exit(77);
diff --git a/tests/slow/cipher-api-test.c b/tests/slow/cipher-api-test.c
index 0ce85ed86b..fc880bcc9f 100644
--- a/tests/slow/cipher-api-test.c
+++ b/tests/slow/cipher-api-test.c
@@ -475,8 +475,8 @@ void doit(void) start("aes128-cbc", GNUTLS_CIPHER_AES_128_CBC, 0); start("aes192-cbc", GNUTLS_CIPHER_AES_192_CBC, 0); start("aes256-cbc", GNUTLS_CIPHER_AES_256_CBC, 0); - start("3des-cbc", GNUTLS_CIPHER_3DES_CBC, 0); if (!gnutls_fips140_mode_enabled()) { + start("3des-cbc", GNUTLS_CIPHER_3DES_CBC, 0); start("camellia128-gcm", GNUTLS_CIPHER_CAMELLIA_128_GCM, 1); start("camellia256-gcm", GNUTLS_CIPHER_CAMELLIA_256_GCM, 1); start("chacha20-poly1305", GNUTLS_CIPHER_CHACHA20_POLY1305, 1);
diff --git a/tests/suite/testcompat-openssl-tls13-cli.sh b/tests/suite/testcompat-openssl-tls13-cli.sh
index 57ffef8533..ce0d896762 100755
--- a/tests/suite/testcompat-openssl-tls13-cli.sh
+++ b/tests/suite/testcompat-openssl-tls13-cli.sh
@@ -35,6 +35,11 @@ : ${CLI=../../src/gnutls-cli${EXEEXT}} unset RETCODE +if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then + echo "Cannot run in FIPS140-2 mode" + exit 77 +fi + if ! test -x "${CLI}"; then exit 77 fi
diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh
index 638594bc3b..bfd3451658 100755
--- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh
+++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh
@@ -20,6 +20,11 @@ : ${srcdir=.} +if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then + echo "Cannot run in FIPS140-2 mode" + exit 77 +fi + tls_fuzzer_prepare() { PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+AES-128-CCM:+AES-256-CCM:+AES-128-CCM-8"
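Review bot: Moving `start("3des-cbc", GNUTLS_CIPHER_3DES_CBC, 0);` into the non-FIPS block in tests/slow/cipher-api-test.c means FIPS runs no longer exercise 3DES at all, and nothing in the visible diff adds a test that the library now treats it as non-approved. A FIPS-mode case that initialises `GNUTLS_CIPHER_3DES_CBC` and asserts the expected outcome (rejection, or a not-approved operation state, whichever the library implements) would pin the change made in is_cipher_algo_approved_in_fips(). The `.not_on_fips = 1` entries added in tests/tls10-cipher-neg.c, tests/tls11-cipher-neg.c and tests/tls12-cipher-neg.c have the same shape: they skip the case rather than assert that 3DES is not negotiated in FIPS mode.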
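Review bot: The guard added to tests/suite/testcompat-openssl-tls13-cli.sh tests only whether `GNUTLS_FORCE_FIPS_MODE` equals 1, so a run in which FIPS mode is active for another reason (system-wide FIPS, or a different value of the variable if the library accepts one) would not be skipped and would presumably fail instead. The message "Cannot run in FIPS140-2 mode" also does not say what makes the script incompatible; a comment naming the 3DES dependency would help the next reader decide when the skip can be lifted. The same block is added to tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh and tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh, and only the latter shows `+3DES-CBC` in its visible PRIORITY string.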
diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh
index d068d6d0e6..dde5ce6736 100755
--- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh
+++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh
@@ -20,6 +20,11 @@ : ${srcdir=.} +if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then + echo "Cannot run in FIPS140-2 mode" + exit 77 +fi + tls_fuzzer_prepare() { VERSIONS="-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0" PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256:+SHA384:+AES-128-CCM:+AES-256-CCM:+AES-128-CCM-8:+AES-256-CCM-8"
diff --git a/tests/tls10-cipher-neg.c b/tests/tls10-cipher-neg.c
index f48fb80b4d..c1461306be 100644
--- a/tests/tls10-cipher-neg.c
+++ b/tests/tls10-cipher-neg.c
@@ -65,24 +65,28 @@ test_case_st tests[] = { { .name = "server TLS 1.0: 3DES-CBC (server)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", .client_prio = "NORMAL:+3DES-CBC" }, { .name = "both TLS 1.0: 3DES-CBC (server)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0:%SERVER_PRECEDENCE", .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.0" }, { .name = "client TLS 1.0: 3DES-CBC (client)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:+3DES-CBC", .client_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0" }, { .name = "both TLS 1.0: 3DES-CBC (client)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.0", .client_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.0" },
diff --git a/tests/tls11-cipher-neg.c b/tests/tls11-cipher-neg.c
index f315f10378..b0698da75a 100644
--- a/tests/tls11-cipher-neg.c
+++ b/tests/tls11-cipher-neg.c
@@ -65,24 +65,28 @@ test_case_st tests[] = { { .name = "server TLS 1.1: 3DES-CBC (server)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", .client_prio = "NORMAL:+3DES-CBC" }, { .name = "both TLS 1.1: 3DES-CBC (server)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1:%SERVER_PRECEDENCE", .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.1" }, { .name = "client TLS 1.1: 3DES-CBC (client)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:+3DES-CBC", .client_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1" }, { .name = "both TLS 1.1: 3DES-CBC (client)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.1", .client_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.1" },
diff --git a/tests/tls12-cipher-neg.c b/tests/tls12-cipher-neg.c
index af2050df6c..f437be3d15 100644
--- a/tests/tls12-cipher-neg.c
+++ b/tests/tls12-cipher-neg.c
@@ -173,6 +173,7 @@ test_case_st tests[] = { { .name = "server TLS 1.2: 3DES-CBC (server)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", .client_prio = "NORMAL:+3DES-CBC", .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)"
@@ -180,6 +181,7 @@ test_case_st tests[] = { { .name = "both TLS 1.2: 3DES-CBC (server)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2:%SERVER_PRECEDENCE", .client_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.2", .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)"
@@ -187,6 +189,7 @@ test_case_st tests[] = { { .name = "client TLS 1.2: 3DES-CBC (client)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:+3DES-CBC", .client_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)"
@@ -194,6 +197,7 @@ test_case_st tests[] = { { .name = "both TLS 1.2: 3DES-CBC (client)", .cipher = GNUTLS_CIPHER_3DES_CBC, + .not_on_fips = 1, .server_prio = "NORMAL:+3DES-CBC:+VERS-TLS1.2", .client_prio = "NORMAL:-CIPHER-ALL:+3DES-CBC:+CIPHER-ALL:-VERS-ALL:+VERS-TLS1.2", .desc = "(TLS1.2)-(ECDHE-SECP256R1)-(ECDSA-SHA256)-(3DES-CBC)-(SHA1)"
diff --git a/tests/tls13/post-handshake-with-cert-pkcs11.c b/tests/tls13/post-handshake-with-cert-pkcs11.c
index faf901dbed..f588250973 100644
--- a/tests/tls13/post-handshake-with-cert-pkcs11.c
+++ b/tests/tls13/post-handshake-with-cert-pkcs11.c
@@ -444,6 +444,9 @@ void doit(void) const char *bin; char buf[128]; + if (gnutls_fips140_mode_enabled()) + exit(77); + /* check if softhsm module is loadable */ (void) softhsm_lib();