From fc5883ccb8ad59a1a01e8189897f38c3debf46e8 Mon Sep 17 00:00:00 2001
From: Sergey Matveev <stargrave@stargrave.org>
Date: Tue, 8 Nov 2022 13:57:56 +0300
Subject: [PATCH] GOST-compatible TLS authentication

---
 tls/tlsauth.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tls/tlsauth.go b/tls/tlsauth.go
index bca76ef..7d8bf23 100644
--- a/tls/tlsauth.go
+++ b/tls/tlsauth.go
@@ -31,6 +31,8 @@ import (
 	"strconv"
 	"strings"
 
+	"crypto/go.cypherpunks.ru/gogost/v5/gost3410"
+
 	"go.cypherpunks.ru/ucspi"
 	"go.stargrave.org/tofuproxy/caches"
 	"go.stargrave.org/tofuproxy/fifos"
@@ -115,6 +117,9 @@ foreach sigScheme {%s} {
 		if err != nil {
 			log.Fatalln(err)
 		}
+		if gostPrv, ok := prv.(*gost3410.PrivateKey); ok {
+			prv = &gost3410.PrivateKeyReverseDigestAndSignature{Prv: gostPrv}
+		}
 		certs = append(certs, cert)
 		tlsCerts = append(tlsCerts, &tls.Certificate{
 			Certificate: [][]byte{cert.Raw},
-- 
2.50.0