]> Sergey Matveev's repositories - tofuproxy.git/commitdiff
projects / tofuproxy.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 13bb37f)
GOST-compatible TLS authentication gost
authorSergey Matveev <stargrave@stargrave.org>
Tue, 8 Nov 2022 10:57:56 +0000 (13:57 +0300)
committerSergey Matveev <stargrave@stargrave.org>
Fri, 14 Apr 2023 09:18:43 +0000 (12:18 +0300)
tls/tlsauth.go patch | blob | history

diff --git a/tls/tlsauth.go b/tls/tlsauth.go
index bca76efc73514703fdb26b46c76a04411c343ca5..7d8bf23bbd056ef3dba8cb621119a9db18dd0934 100644 (file)
--- a/tls/tlsauth.go
+++ b/tls/tlsauth.go
@@ -31,6 +31,8 @@ import (
        "strconv"
        "strings"
 
+       "crypto/go.cypherpunks.ru/gogost/v5/gost3410"
+
        "go.cypherpunks.ru/ucspi"
        "go.stargrave.org/tofuproxy/caches"
        "go.stargrave.org/tofuproxy/fifos"
@@ -115,6 +117,9 @@ foreach sigScheme {%s} {
                if err != nil {
                        log.Fatalln(err)
                }
+               if gostPrv, ok := prv.(*gost3410.PrivateKey); ok {
+                       prv = &gost3410.PrivateKeyReverseDigestAndSignature{Prv: gostPrv}
+               }
                certs = append(certs, cert)
                tlsCerts = append(tlsCerts, &tls.Certificate{
                        Certificate: [][]byte{cert.Raw},
Flexible HTTP/HTTPS proxy, TLS terminator, X.509 TOFU manager, WARC/geminispace browser