From: Sergey Matveev <stargrave@stargrave.org>
Date: Tue, 8 Nov 2022 10:57:56 +0000 (+0300)
Subject: GOST-compatible TLS authentication
X-Git-Url: http://www.git.stargrave.org/?a=commitdiff_plain;h=fc5883ccb8ad59a1a01e8189897f38c3debf46e8;p=tofuproxy.git

GOST-compatible TLS authentication
---

diff --git a/tls/tlsauth.go b/tls/tlsauth.go
index bca76ef..7d8bf23 100644
--- a/tls/tlsauth.go
+++ b/tls/tlsauth.go
@@ -31,6 +31,8 @@ import (
 	"strconv"
 	"strings"
 
+	"crypto/go.cypherpunks.ru/gogost/v5/gost3410"
+
 	"go.cypherpunks.ru/ucspi"
 	"go.stargrave.org/tofuproxy/caches"
 	"go.stargrave.org/tofuproxy/fifos"
@@ -115,6 +117,9 @@ foreach sigScheme {%s} {
 		if err != nil {
 			log.Fatalln(err)
 		}
+		if gostPrv, ok := prv.(*gost3410.PrivateKey); ok {
+			prv = &gost3410.PrivateKeyReverseDigestAndSignature{Prv: gostPrv}
+		}
 		certs = append(certs, cert)
 		tlsCerts = append(tlsCerts, &tls.Certificate{
 			Certificate: [][]byte{cert.Raw},