diff --git a/mozilla/security/manager/ssl/nsNSSComponent.cpp b/mozilla/security/manager/ssl/nsNSSComponent.cpp
index c091ce7a763..5fd5a9bb549 100644
--- a/mozilla/security/manager/ssl/nsNSSComponent.cpp
+++ b/mozilla/security/manager/ssl/nsNSSComponent.cpp
@@ -903,6 +903,16 @@ nsresult LoadLoadableRootsTask::LoadLoadableRoots() {
   return NS_ERROR_FAILURE;
 }
 
+// These cipher suites are already assigned to GOST by IANA --- see
+// https://www.iana.org/assignments/tls-parameters/tls-parameters-4.csv .
+#define TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC 0xC100
+#define TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC      0xC101
+#define TLS_GOSTR341112_256_WITH_28147_CNT_IMIT      0xC102
+
+// This cipher suite is known to be used by https://eruz.zakupki.gov.ru/
+// for GOST-R-3411.94 with GOST-28147 IMIT mode cipher:
+#define TLS_GOSTR341194_WITH_28147_CNT_IMIT          0x0081
+
 // Table of pref names and SSL cipher ID
 typedef struct {
   const char* pref;
@@ -956,6 +966,18 @@ static const CipherPref sCipherPrefs[] = {
     {"security.ssl3.rsa_des_ede3_sha", TLS_RSA_WITH_3DES_EDE_CBC_SHA,
      true},  // deprecated (RSA key exchange, 3DES)
 
+    {"security.ssl3.ecdhe_gostr_3411_12_256_kuznyechik_ctr_omac",
+     TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC, true},
+
+    {"security.ssl3.ecdhe_gostr_3411_12_256_magma_ctr_omac",
+     TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC, true},
+
+    {"security.ssl3.ecdhe_gostr_3411_12_256_28147_cnt_imit",
+     TLS_GOSTR341112_256_WITH_28147_CNT_IMIT, true},
+
+    {"security.ssl3.ecdhe_gostr_3411_94_256_28147_cnt_imit",
+     TLS_GOSTR341194_WITH_28147_CNT_IMIT, true},
+
     // All the rest are disabled
 
     {nullptr, 0}  // end marker