diff -up yum-3.4.3/yum/Errors.py.orig yum-3.4.3/yum/Errors.py
--- yum-3.4.3/yum/Errors.py.orig	2017-09-14 18:42:26.740558383 +0200
+++ yum-3.4.3/yum/Errors.py	2017-09-14 18:42:30.371541754 +0200
@@ -99,6 +99,11 @@ class ConfigError(YumBaseError):
 class MiscError(YumBaseError):
     pass
 
+class FIPSNonCompliantError(MiscError):
+    def __init__(self, sumtype):
+        MiscError.__init__(
+            self, '%s algorithm is not FIPS compliant' % sumtype)
+
 class GroupsError(YumBaseError):
     pass
 
diff -up yum-3.4.3/yum/misc.py.orig yum-3.4.3/yum/misc.py
--- yum-3.4.3/yum/misc.py.orig	2017-09-14 18:42:26.794558135 +0200
+++ yum-3.4.3/yum/misc.py	2017-09-14 18:42:30.372541749 +0200
@@ -58,11 +58,20 @@ except ImportError:
             raise ValueError, "Bad checksum type"
 
 # some checksum types might be disabled
+_fips_noncompliant = set()
 for ctype in list(_available_checksums):
     try:
         hashlib.new(ctype)
-    except:
-        print >> sys.stderr, 'Checksum type %s disabled' % repr(ctype)
+    except Exception as e:
+        # Print an error unless this is due to FIPS mode (in which case it's
+        # not really an error and we don't want to pollute the output
+        # needlessly; if someone actually tries to instantiate a Checksum with
+        # a FIPS non-compliant ctype, we'll raise an explanatory exception
+        # anyway).
+        if isinstance(e, ValueError) and str(e).endswith('disabled for fips'):
+            _fips_noncompliant.add(ctype)
+        else:
+            print >> sys.stderr, 'Checksum type %s disabled' % repr(ctype)
         _available_checksums.remove(ctype)
 for ctype in 'sha256', 'sha1':
     if ctype in _available_checksums:
@@ -71,7 +80,7 @@ for ctype in 'sha256', 'sha1':
 else:
     raise ImportError, 'broken hashlib'
 
-from Errors import MiscError
+from Errors import MiscError, FIPSNonCompliantError
 # These are API things, so we can't remove them even if they aren't used here.
 # pylint: disable-msg=W0611
 from i18n import to_utf8, to_unicode
@@ -271,6 +280,8 @@ class Checksums:
                 sumalgo = hashlib.new(sumtype)
             elif ignore_missing:
                 continue
+            elif sumtype in _fips_noncompliant:
+                raise FIPSNonCompliantError(sumtype)
             else:
                 raise MiscError, 'Error Checksumming, bad checksum type %s' % sumtype
             done.add(sumtype)
diff -up yum-3.4.3/yum/yumRepo.py.orig yum-3.4.3/yum/yumRepo.py
--- yum-3.4.3/yum/yumRepo.py.orig	2017-09-14 18:42:26.879557746 +0200
+++ yum-3.4.3/yum/yumRepo.py	2017-09-14 18:43:23.422298802 +0200
@@ -497,7 +497,10 @@ class YumRepository(Repository, config.R
         except (Errors.MiscError, EnvironmentError), e:
             if checksum_can_fail:
                 return None
-            raise Errors.RepoError, 'Error opening file for checksum: %s' % e
+            msg = 'Error opening file for checksum: %s' % e
+            if isinstance(e, Errors.FIPSNonCompliantError):
+                msg = str(e)
+            raise Errors.RepoError(msg)
 
     def dump(self):
         output = '[%s]\n' % self.id
@@ -1799,7 +1802,7 @@ Insufficient space in download directory
         except Errors.RepoError, e:
             if check_can_fail:
                 return None
-            raise URLGrabError(-3, 'Error performing checksum')
+            raise URLGrabError(-3, 'Error performing checksum: %s' % e)
 
         if l_csum == r_csum:
             _xattr_set_chksum(file, r_ctype, l_csum)