src/crypto/tls/common.go                 | 3 +++
 src/crypto/tls/conn.go                   | 3 +++
 src/crypto/tls/handshake_client_tls13.go | 2 ++
 src/crypto/tls/handshake_server_tls13.go | 1 +

diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index 5a1bdbebcb715affb0a6e3139f48053b05e2f2a7..cf635cbb8d12eb7ddeb820f7dae8d3adf9ae592a 100644
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -288,6 +288,9 @@ 	TLSUnique []byte
 
 	// ekm is a closure exposed via ExportKeyingMaterial.
 	ekm func(label string, context []byte, length int) ([]byte, error)
+
+	// Exists only GOSTed version! ECDHE curve used during handshake.
+	HSCurve CurveID
 }
 
 // ExportKeyingMaterial returns length bytes of exported key material in a new
diff --git a/src/crypto/tls/conn.go b/src/crypto/tls/conn.go
index edcfecf81d77c63d9b3a14eee29a85bf0fed3324..e8e8fd119153d5603be5336d79e8b19494a29d15 100644
--- a/src/crypto/tls/conn.go
+++ b/src/crypto/tls/conn.go
@@ -114,6 +114,8 @@ 	// in Conn.Write.
 	activeCall int32
 
 	tmp [16]byte
+
+	hsCurve CurveID
 }
 
 // Access to net.Conn methods.
@@ -1407,6 +1409,7 @@ 		state.ekm = noExportedKeyingMaterial
 	} else {
 		state.ekm = c.ekm
 	}
+	state.HSCurve = c.hsCurve
 	return state
 }
 
diff --git a/src/crypto/tls/handshake_client_tls13.go b/src/crypto/tls/handshake_client_tls13.go
index 400e8826b70633208b26e46b449b41cec06de6b4..a74866f7fccae64079037677b11d3c494c0953f0 100644
--- a/src/crypto/tls/handshake_client_tls13.go
+++ b/src/crypto/tls/handshake_client_tls13.go
@@ -231,6 +231,7 @@ 			return err
 		}
 		hs.ecdheParams = params
 		hs.hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
+		c.hsCurve = curveID
 	}
 
 	hs.hello.raw = nil
@@ -308,6 +309,7 @@ 	if hs.serverHello.serverShare.group != hs.ecdheParams.CurveID() {
 		c.sendAlert(alertIllegalParameter)
 		return errors.New("tls: server selected unsupported group")
 	}
+	c.hsCurve = hs.ecdheParams.CurveID()
 
 	if !hs.serverHello.selectedIdentityPresent {
 		return nil
diff --git a/src/crypto/tls/handshake_server_tls13.go b/src/crypto/tls/handshake_server_tls13.go
index e02dc9f824abeca765f83aa3d78da1c30dcb9b14..51e34bc3ace71ee389c7e05400b16d0fb4b271f5 100644
--- a/src/crypto/tls/handshake_server_tls13.go
+++ b/src/crypto/tls/handshake_server_tls13.go
@@ -220,6 +220,7 @@ 		return errors.New("tls: invalid client key share")
 	}
 
 	c.serverName = hs.clientHello.serverName
+	c.hsCurve = selectedGroup
 	return nil
 }