diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc

index 3475afe..f93ba0d 100644

--- a/libqpdf/QPDF.cc

+++ b/libqpdf/QPDF.cc

@@ -19,6 +19,10 @@

 #include <qpdf/QPDF_Null.hh>

 #include <qpdf/QPDF_Dictionary.hh>

+#ifdef HAVE_GNUTLS

+# include <gnutls/crypto.h>

+#endif

+

 std::string QPDF::qpdf_version = "7.1.1";

 static char const* EMPTY_PDF =

@@ -139,7 +143,13 @@ QPDF::processFile(char const* filename, char const* password)

 {

     FileInputSource* fi = new FileInputSource();

     fi->setFilename(filename);

+#ifdef HAVE_GNUTLS

+    GNUTLS_FIPS140_SET_LAX_MODE();

+#endif

     processInputSource(fi, password);

+#ifdef HAVE_GNUTLS

+    GNUTLS_FIPS140_SET_STRICT_MODE();

+#endif

 }

 void

@@ -148,7 +158,13 @@ QPDF::processFile(char const* description, FILE* filep,

 {

     FileInputSource* fi = new FileInputSource();

     fi->setFile(description, filep, close_file);

+#ifdef HAVE_GNUTLS

+    GNUTLS_FIPS140_SET_LAX_MODE();

+#endif

     processInputSource(fi, password);

+#ifdef HAVE_GNUTLS

+    GNUTLS_FIPS140_SET_STRICT_MODE();

+#endif

 }

 void

diff --git a/libqpdf/QPDFWriter.cc b/libqpdf/QPDFWriter.cc

index 0544640..48fe50d 100644

--- a/libqpdf/QPDFWriter.cc

+++ b/libqpdf/QPDFWriter.cc

@@ -23,6 +23,10 @@

 #include <algorithm>

 #include <stdlib.h>

+#ifdef HAVE_GNUTLS

+#include <gnutls/crypto.h>

+#endif

+

 QPDFWriter::Members::Members(QPDF& pdf) :

     pdf(pdf),

     filename(0),

@@ -323,6 +327,13 @@ void

 QPDFWriter::setDeterministicID(bool val)

 {

     this->m->deterministic_id = val;

+

+#ifdef HAVE_GNUTLS

+    if (val)

+	GNUTLS_FIPS140_SET_LAX_MODE();

+    else

+	GNUTLS_FIPS140_SET_STRICT_MODE();

+#endif

 }

 void

@@ -344,6 +355,13 @@ void

 QPDFWriter::setPreserveEncryption(bool val)

 {

     this->m->preserve_encryption = val;

+

+#ifdef HAVE_GNUTLS

+    if (val)

+	GNUTLS_FIPS140_SET_STRICT_MODE();

+    else

+	GNUTLS_FIPS140_SET_LAX_MODE();

+#endif

 }

 void

diff --git a/libqpdf/QPDF_encryption.cc b/libqpdf/QPDF_encryption.cc

index fd717c3..9b38914 100644

--- a/libqpdf/QPDF_encryption.cc

+++ b/libqpdf/QPDF_encryption.cc

@@ -1,6 +1,8 @@

 // This file implements methods from the QPDF class that involve

 // encryption.

+#include <qpdf/qpdf-config.h>

+

 #include <qpdf/QPDF.hh>

 #include <qpdf/QPDFExc.hh>

@@ -18,6 +20,10 @@

 #include <assert.h>

 #include <string.h>

+#ifdef HAVE_GNUTLS

+# include <gnutls/crypto.h>

+#endif

+

 static unsigned char const padding_string[] = {

     0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,

     0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,

@@ -1084,6 +1090,12 @@ QPDF::getKeyForObject(int objid, int generation, bool use_aes)

 void

 QPDF::decryptString(std::string& str, int objid, int generation)

 {

+#ifdef HAVE_GNUTLS

+    unsigned oldmode = gnutls_fips140_mode_enabled();

+

+    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);

+#endif

+

     if (objid == 0)

     {

 	return;

@@ -1162,6 +1174,10 @@ QPDF::decryptString(std::string& str, int objid, int generation)

 		      QUtil::int_to_string(objid) + " " +

 		      QUtil::int_to_string(generation) + ": " + e.what());

     }

+

+#ifdef HAVE_GNUTLS

+    gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);

+#endif

 }

 void

@@ -1169,6 +1185,12 @@ QPDF::decryptStream(Pipeline*& pipeline, int objid, int generation,

 		    QPDFObjectHandle& stream_dict,

 		    std::vector<PointerHolder<Pipeline> >& heap)

 {

+#ifdef HAVE_GNUTLS

+    unsigned oldmode = gnutls_fips140_mode_enabled();

+

+    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);

+#endif

+

     std::string type;

     if (stream_dict.getKey("/Type").isName())

     {

@@ -1297,6 +1319,10 @@ QPDF::decryptStream(Pipeline*& pipeline, int objid, int generation,

                               key.length());

     }

     heap.push_back(pipeline);

+

+#ifdef HAVE_GNUTLS

+    gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);

+#endif

 }

 void