Added oblivious HTTP support (#46)

* Added oblivious HTTP support
* Update README.md

Closes #46

Author: ameshkov

CHANGELOG.md

@@ -14,9 +14,12 @@ adheres to [Semantic Versioning][semver].
 ### Added
 
 - Added `--connect-timeout` command-line argument support. ([#43][#43])
+- Added `--ohttp-gateway-url` and `--ohttp-keys-url` command-line arguments. ([#44][#44])
 
 [#43]: https://github.com/ameshkov/gocurl/issues/43
 
+[#44]: https://github.com/ameshkov/gocurl/issues/44
+
 [unreleased]: https://github.com/ameshkov/gocurl/compare/v1.4.9...HEAD
 
 ## [1.4.9] - 2025-05-19

README.md

@@ -15,6 +15,7 @@ Simplified version of [`curl`](https://curl.se/) written in Go.
 - [New stuff](#newstuff)
     - [Encrypted ClientHello](#ech)
     - [Custom DNS servers](#dns)
+    - [Oblivious HTTP](#ohttp)
     - [Experimental flags](#exp)
         - [Post-quantum cryptography](#pq)
     - [WebSocket support](#websocket)
@@ -228,6 +229,71 @@ gocurl \
       https://example.org/
   ```
 
+<a id="ohttp"></a>
+
+#### Oblivious HTTP
+
+[Oblivious HTTP (OHTTP)][ohttp] is an IETF standard protocol that provides
+end-to-end encryption for HTTP requests and responses while hiding the client's
+identity from the target server. It works by routing encrypted requests through
+a relay and gateway, ensuring that:
+
+- The **relay** sees who is making requests but not what is being requested.
+- The **gateway** sees what is being requested but not who is making the request.
+- The **target server** receives a normal HTTP request from the gateway.
+
+This separation provides strong privacy guarantees, making OHTTP useful for
+privacy-sensitive applications.
+
+`gocurl` has built-in support for OHTTP and can send requests through any
+OHTTP gateway by specifying two command-line arguments:
+
+- `--ohttp-gateway-url` - URL of the OHTTP gateway where the encrypted request
+  will be sent.
+- `--ohttp-keys-url` - URL from which to retrieve the OHTTP KeyConfig needed to
+  encrypt the request.
+
+Here's how to make an OHTTP request to `httpbin.agrd.workers.dev` using a demo
+gateway:
+
+```shell
+gocurl -v \
+  --ohttp-gateway-url "https://httpbin.agrd.workers.dev/ohttp/gateway" \
+  --ohttp-keys-url "https://httpbin.agrd.workers.dev/ohttp/config" \
+  https://httpbin.agrd.workers.dev/get
+```
+
+This command will:
+
+1. Download the OHTTP KeyConfig from the keys URL.
+2. Encrypt your request to `https://httpbin.agrd.workers.dev/get` using OHTTP.
+3. Send the encrypted request to the gateway.
+4. Receive the encrypted response from the gateway.
+5. Decrypt and display the response.
+
+You can also make POST requests through OHTTP:
+
+```shell
+gocurl -v \
+  --ohttp-gateway-url "https://httpbin.agrd.workers.dev/ohttp/gateway" \
+  --ohttp-keys-url "https://httpbin.agrd.workers.dev/ohttp/config" \
+  -d "test data" \
+  https://httpbin.agrd.workers.dev/post
+```
+
+One more example that uses a demo gateway from [Oblivious Network][ohttpdemo]:
+
+```shell
+gocurl -v \
+  --ohttp-gateway-url "https://demo-gateway.oblivious.network/gateway" \
+  --ohttp-keys-url "https://demo-gateway.oblivious.network/ohttp-configs" \
+  https://httpbin.agrd.workers.dev/get
+```
+
+[ohttp]: https://www.ietf.org/rfc/rfc9458.html
+
+[ohttpdemo]: https://docs.oblivious.network/docs/quickstart/
+
 <a id="websocket"></a>
 
 #### WebSocket support
@@ -328,6 +394,10 @@ Application Options:
                                                             gocurl will write everything to stdout.
       --experiment=<name[:value]>                           Allows enabling experimental options. See the documentation
                                                             for available options. Can be specified multiple times.
+      --ohttp-gateway-url=<URL>                             URL of the Oblivious HTTP gateway where the request should
+                                                            be sent.
+      --ohttp-keys-url=<URL>                                URL from which to retrieve Oblivious HTTP KeyConfig to use
+                                                            for encrypting the request.
   -v, --verbose                                             Verbose output (optional).
 
 Help Options:

go.mod

@@ -8,6 +8,7 @@ require (
 	github.com/AdguardTeam/dnsproxy v0.67.0
 	github.com/AdguardTeam/golibs v0.22.0
 	github.com/ameshkov/cfcrypto v0.0.0-20250313151213-d5c09f09fc76
+	github.com/chris-wood/ohttp-go v0.0.0-20230523152405-45fb0d05eb13
 	github.com/gobwas/ws v1.3.2
 	github.com/jessevdk/go-flags v1.5.0
 	github.com/mccutchen/go-httpbin/v2 v2.18.3
@@ -23,7 +24,7 @@ require (
 	github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 // indirect
 	github.com/ameshkov/dnscrypt/v2 v2.3.0 // indirect
 	github.com/ameshkov/dnsstamps v1.0.3 // indirect
-	github.com/cloudflare/circl v1.6.0 // indirect
+	github.com/cloudflare/circl v1.6.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/gobwas/httphead v0.1.0 // indirect

go.sum

@@ -12,8 +12,12 @@ github.com/ameshkov/dnscrypt/v2 v2.3.0 h1:pDXDF7eFa6Lw+04C0hoMh8kCAQM8NwUdFEllSP
 github.com/ameshkov/dnscrypt/v2 v2.3.0/go.mod h1:N5hDwgx2cNb4Ay7AhvOSKst+eUiOZ/vbKRO9qMpQttE=
 github.com/ameshkov/dnsstamps v1.0.3 h1:Srzik+J9mivH1alRACTbys2xOxs0lRH9qnTA7Y1OYVo=
 github.com/ameshkov/dnsstamps v1.0.3/go.mod h1:Ii3eUu73dx4Vw5O4wjzmT5+lkCwovjzaEZZ4gKyIH5A=
-github.com/cloudflare/circl v1.6.0 h1:cr5JKic4HI+LkINy2lg3W2jF8sHCVTBncJr5gIIq7qk=
-github.com/cloudflare/circl v1.6.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
+github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
+github.com/chris-wood/ohttp-go v0.0.0-20230523152405-45fb0d05eb13 h1:6KPUTuaINL/GlEf3Fd08p/JVVoVRX4Mh4GtsAJUKv7o=
+github.com/chris-wood/ohttp-go v0.0.0-20230523152405-45fb0d05eb13/go.mod h1:P/sVWl8F9KHJ1esPj/g1A5h8vfA3Ps9n6JOMNf6TszU=
+github.com/cloudflare/circl v1.3.3-0.20230418220640-795540340d5c/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
+github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
+github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -70,6 +74,7 @@ go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU=
 go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4=
 golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc=
 golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 h1:aAcj0Da7eBAtrTp03QXWvm88pSyOt+UgdZw2BFZ+lEw=
@@ -96,6 +101,7 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
 golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=

internal/client/clientdialer.go

@@ -39,7 +39,7 @@ type clientDialer struct {
 }
 
 // newDialer creates a new instance of the clientDialer.
-func newDialer(cfg *config.Config, out *output.Output) (d *clientDialer, err error) {
+func newDialer(hostname string, cfg *config.Config, out *output.Output) (d *clientDialer, err error) {
 	resolver, err := resolve.NewResolver(cfg, out)
 	if err != nil {
 		return nil, err
@@ -53,7 +53,7 @@ func newDialer(cfg *config.Config, out *output.Output) (d *clientDialer, err err
 	return &clientDialer{
 		cfg:       cfg,
 		out:       out,
-		tlsConfig: createTLSConfig(cfg, out),
+		tlsConfig: createTLSConfig(hostname, cfg, out),
 		resolver:  resolver,
 		dial:      dial,
 	}, nil
@@ -202,9 +202,9 @@ func (r *tlsRandomReader) Read(p []byte) (n int, err error) {
 }
 
 // createTLSConfig creates TLS config based on the configuration.
-func createTLSConfig(cfg *config.Config, out *output.Output) (tlsConfig *tls.Config) {
+func createTLSConfig(hostname string, cfg *config.Config, out *output.Output) (tlsConfig *tls.Config) {
 	tlsConfig = &tls.Config{
-		ServerName: cfg.RequestURL.Hostname(),
+		ServerName: hostname,
 		MinVersion: cfg.TLSMinVersion,
 		MaxVersion: cfg.TLSMaxVersion,
 	}

internal/client/ohttp.go

@@ -0,0 +1,199 @@
+package client
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"net/url"
+
+	"github.com/ameshkov/gocurl/internal/config"
+	"github.com/ameshkov/gocurl/internal/output"
+	"github.com/chris-wood/ohttp-go"
+)
+
+// obliviousHTTPTransport is transport that uses Oblivious HTTP to encrypt
+// requests before sending them to a gateway.
+type obliviousHTTPTransport struct {
+	base         Transport
+	gatewayURL   *url.URL
+	publicConfig ohttp.PublicConfig
+	out          *output.Output
+}
+
+// type check
+var _ Transport = (*obliviousHTTPTransport)(nil)
+
+// Conn returns the last established connection using this transport.
+func (t *obliviousHTTPTransport) Conn() (conn net.Conn) {
+	return t.base.Conn()
+}
+
+// RoundTrip implements the http.RoundTripper interface for
+// *obliviousHTTPTransport. It encrypts the request using OHTTP and sends it to
+// the gateway.
+func (t *obliviousHTTPTransport) RoundTrip(r *http.Request) (resp *http.Response, err error) {
+	// Create an OHTTP client with the public configuration.
+	client := ohttp.NewDefaultClient(t.publicConfig)
+
+	// Serialize the original request using BinaryRequest format.
+	binaryReq := (*ohttp.BinaryRequest)(r)
+	requestBytes, err := binaryReq.Marshal()
+	if err != nil {
+		return nil, fmt.Errorf("failed to serialize request: %w", err)
+	}
+
+	t.out.Debug("Encrypting request with OHTTP, original size: %d bytes", len(requestBytes))
+
+	// Encrypt the request using OHTTP.
+	encapsulatedReq, encapContext, err := client.EncapsulateRequest(requestBytes)
+	if err != nil {
+		return nil, fmt.Errorf("failed to encapsulate request: %w", err)
+	}
+
+	// Marshal the encapsulated request to bytes.
+	encapsulatedReqBytes := encapsulatedReq.Marshal()
+	t.out.Debug("Encrypted request size: %d bytes", len(encapsulatedReqBytes))
+
+	// Create a new HTTP POST request to the gateway with the encrypted payload.
+	gatewayReq, err := http.NewRequest(http.MethodPost, t.gatewayURL.String(), bytes.NewReader(encapsulatedReqBytes))
+	if err != nil {
+		return nil, fmt.Errorf("failed to create gateway request: %w", err)
+	}
+
+	// Set the content type for OHTTP requests.
+	gatewayReq.Header.Set("Content-Type", "message/ohttp-req")
+
+	t.out.Debug("Sending encrypted request to gateway: %s", t.gatewayURL.String())
+
+	// Send the encrypted request to the gateway.
+	gatewayResp, err := t.base.RoundTrip(gatewayReq)
+	if err != nil {
+		return nil, fmt.Errorf("failed to send request to gateway: %w", err)
+	}
+	defer func() {
+		_ = gatewayResp.Body.Close()
+	}()
+
+	// Verify the gateway response status.
+	if gatewayResp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("gateway returned non-OK status: %s", gatewayResp.Status)
+	}
+
+	// Verify the gateway response content type.
+	contentType := gatewayResp.Header.Get("Content-Type")
+	if contentType != "message/ohttp-res" {
+		t.out.Debug("Warning: unexpected Content-Type from gateway: %s (expected message/ohttp-res)", contentType)
+	}
+
+	// Read the encrypted response from the gateway.
+	encapsulatedRespBytes, err := io.ReadAll(gatewayResp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read gateway response: %w", err)
+	}
+
+	t.out.Debug("Received encrypted response from gateway, size: %d bytes", len(encapsulatedRespBytes))
+
+	// Unmarshal the encapsulated response.
+	encapsulatedResp, err := ohttp.UnmarshalEncapsulatedResponse(encapsulatedRespBytes)
+	if err != nil {
+		return nil, fmt.Errorf("failed to unmarshal encapsulated response: %w", err)
+	}
+
+	// Decrypt the response using OHTTP.
+	decryptedResp, err := encapContext.DecapsulateResponse(encapsulatedResp)
+	if err != nil {
+		return nil, fmt.Errorf("failed to decapsulate response: %w", err)
+	}
+
+	t.out.Debug("Decrypted response size: %d bytes", len(decryptedResp))
+
+	// Parse the decrypted response as an HTTP response using BinaryResponse
+	// format.
+	resp, err = ohttp.UnmarshalBinaryResponse(decryptedResp)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse decrypted response: %w", err)
+	}
+
+	return resp, nil
+}
+
+func newRoundTripper(
+	hostname string,
+	cfg *config.Config,
+	out *output.Output,
+) (rt http.RoundTripper, d *clientDialer, err error) {
+	d, err = newDialer(hostname, cfg, out)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// Create transport for communicating with the hostname.
+	rt, err = createHTTPTransport(d, cfg)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return rt, d, nil
+}
+
+// newObliviousHTTPTransport creates a new obliviousHTTPTransport.
+func newObliviousHTTPTransport(
+	cfg *config.Config,
+	out *output.Output,
+) (rt Transport, err error) {
+	// Create base transport for requesting the KeyConfig.
+	keyTransport, _, err := newRoundTripper(cfg.OHTTPKeysURL.Hostname(), cfg, out)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create key transport: %w", err)
+	}
+
+	// Download the KeyConfig from the keys URL.
+	out.Debug("Downloading OHTTP KeyConfig from: %s", cfg.OHTTPKeysURL.String())
+
+	keyReq, err := http.NewRequest(http.MethodGet, cfg.OHTTPKeysURL.String(), nil)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create OHTTP KeyConfig request: %w", err)
+	}
+
+	keyResp, err := keyTransport.RoundTrip(keyReq)
+	if err != nil {
+		return nil, fmt.Errorf("failed to download OHTTP KeyConfig: %w", err)
+	}
+	defer func() {
+		_ = keyResp.Body.Close()
+	}()
+
+	if keyResp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("failed to download OHTTP KeyConfig, status: %s", keyResp.Status)
+	}
+
+	keyConfigBytes, err := io.ReadAll(keyResp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read OHTTP KeyConfig: %w", err)
+	}
+
+	out.Debug("Downloaded OHTTP KeyConfig, size: %d bytes", len(keyConfigBytes))
+
+	// Deserialize and validate the KeyConfig (PublicConfig).
+	publicConfig, err := ohttp.UnmarshalPublicConfig(keyConfigBytes)
+	if err != nil {
+		return nil, fmt.Errorf("failed to deserialize OHTTP KeyConfig: %w", err)
+	}
+
+	out.Debug("OHTTP KeyConfig deserialized successfully, KeyID: %d", publicConfig.ID)
+
+	// Create base transport for communicating with the gateway.
+	gwTransport, d, err := newRoundTripper(cfg.OHTTPGatewayURL.Hostname(), cfg, out)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create gateway transport: %w", err)
+	}
+
+	return &obliviousHTTPTransport{
+		base:         &transport{d: d, base: gwTransport},
+		gatewayURL:   cfg.OHTTPGatewayURL,
+		publicConfig: publicConfig,
+		out:          out,
+	}, nil
+}

internal/client/transport.go

@@ -63,7 +63,13 @@ func (t *transport) RoundTrip(r *http.Request) (resp *http.Response, err error)
 // NewTransport creates a new http.RoundTripper that will be used for making
 // the request.
 func NewTransport(cfg *config.Config, out *output.Output) (rt Transport, err error) {
-	d, err := newDialer(cfg, out)
+	// If OHTTP is enabled, use the oblivious HTTP transport.
+	if cfg.OHTTPGatewayURL != nil && cfg.OHTTPKeysURL != nil {
+		return newObliviousHTTPTransport(cfg, out)
+	}
+
+	hostname := cfg.RequestURL.Hostname()
+	d, err := newDialer(hostname, cfg, out)
 	if err != nil {
 		return nil, err
 	}