Expand description
libmoshpit - moshpit library
Structs§
- Algorithm
List - Ordered list of algorithm names offered during KEX negotiation.
- Connection
Reader - A reader over a
ReadHalfandBytesMutbuffer. - Connection
Writer - A writer over a
WriteHalfandBytesMutbuffer. - Emulator
- A VT100/VT220 terminal emulator that tracks screen state.
- Encrypted
KeyPair - A moshpit encrypted key pair. A password is required to decrypt the private key.
- File
Layer - Tracing configuration
- Identity
KeyPair - Algorithm-aware identity key material loaded from a moshpit private key file.
- Kex
- The moshpit key exchange result
- KexReader
- The key exchange reader for the moshpit
- KexSender
- The key exchange sender for the moshpit
- KexState
Machine - The moshpit key exchange state machine
- KeyPair
- A moshpit key pair consisting of a private and public key.
- Layer
- Tracing configuration
- Mps
- Used in bartoc configuration to define the bartos instance to connect to
- Negotiated
Algorithms - The result of
negotiate: the single algorithm chosen for each category. - Overlay
Cell - A cell to be painted on top of the real screen when rendering.
- Overlay
Cursor - Predicted cursor position to be applied after rendering overlay cells.
- Prediction
Engine - Local-echo prediction engine.
- Renderer
- A stateful differential renderer.
- Server
Kex - Extended key exchange for the moshpits side of the exchange
- Tracing
- Tracing configuration
- UdpClient
- UDP client data
- UdpReader
- UDP reader for encrypted frames
- UdpSender
- UDP sender for encrypted frames
- Unencrypted
KeyPair - A moshpit unencrypted key pair consisting of a private and public key.
- Uuid
Wrapper - A
Uuidwrapper that implementsbincode::Encodeandbincode::Decode
Enums§
- AEAD
Cipher - The AEAD cipher algorithms supported by moshpit key generation.
- Diff
Mode - Controls the UDP transport delivery strategy for diff packets.
- Display
Preference - How aggressively to display local-echo predictions.
- Encrypted
Frame - A moshpit frame.
- Frame
- A moshpit frame.
- KexEvent
- The key exchange events
- KexMode
- The key exchange mode
- KexState
- The moshpit key exchange state
- Moshpit
Error - Errors that can occur in moshpit
- Terminal
Message - A message for the moshpits psuedo-terminal
Constants§
- AEAD_
AES128_ GCM_ SIV - AES-128-GCM-SIV authenticated encryption (16-byte key)
- AEAD_
AES256_ GCM - AES-256-GCM authenticated encryption
- AEAD_
AES256_ GCM_ SIV - AES-256-GCM-SIV authenticated encryption (nonce-misuse resistant)
- AEAD_
CHACH A20_ POLY1305 - ChaCha20-Poly1305 authenticated encryption (fast on no-AES-NI CPUs)
- KDF_
HKDF_ SHA256 - HKDF-SHA256 key expansion
- KDF_
HKDF_ SHA384 - HKDF-SHA384 key expansion (natural pairing with P-384)
- KDF_
HKDF_ SHA512 - HKDF-SHA512 key expansion (higher security margin)
- KEX_
ML_ KEM_ 512_ SHA256 - NIST FIPS 203 ML-KEM-512 with HKDF-SHA256 key extraction
- KEX_
ML_ KEM_ 768_ SHA256 - NIST FIPS 203 ML-KEM-768 with HKDF-SHA256 key extraction
- KEX_
ML_ KEM_ 1024_ SHA256 - NIST FIPS 203 ML-KEM-1024 with HKDF-SHA256 key extraction
- KEX_
P256_ SHA256 - NIST P-256 ECDH with HKDF-SHA256 (FIPS-compliant environments)
- KEX_
P384_ SHA384 - NIST P-384 ECDH with HKDF-SHA384 key extraction (higher security margin)
- KEX_
X25519_ SHA256 - X25519 ECDH with HKDF-SHA256 key extraction
- KEY_
ALGORITHM_ ML_ DSA_ 44 unstable - The experimental key algorithm string for ML-DSA-44 identity keys.
- KEY_
ALGORITHM_ ML_ DSA_ 65 unstable - The experimental key algorithm string for ML-DSA-65 identity keys.
- KEY_
ALGORITHM_ ML_ DSA_ 87 unstable - The experimental key algorithm string for ML-DSA-87 identity keys.
- KEY_
ALGORITHM_ P256 - The key algorithm string for ECDH P-256 keys.
- KEY_
ALGORITHM_ P384 - The key algorithm string for ECDH P-384 keys.
- KEY_
ALGORITHM_ X25519 - The key algorithm string for X25519 (Curve25519) ECDH keys.
- MAC_
HMAC_ SHA256 - HMAC-SHA256 packet authentication (32-byte tag, saves 32 B/packet)
- MAC_
HMAC_ SHA512 - HMAC-SHA512 packet authentication (64-byte tag)
- MAX_
UDP_ PAYLOAD - Maximum payload size for UDP frames to avoid IP fragmentation. Accounts for ~140 bytes of wire overhead (nonce, seq, HMAC, length, UUID, AEAD tag, bincode) subtracted from a conservative 1400-byte UDP payload target (below 1500-byte Ethernet MTU minus IP/UDP headers).
Traits§
- KexConfig
- Trait for key exchange configuration
- Path
Defaults - Trait to allow default paths to be supplied to
load - Tracing
Config Ext - Extension trait for
TracingConfigto add additional configuration options
Functions§
- clap_
or_ error - Converts an
anyhow::Errorinto a suitable exit code or clap message for a CLI application. - decrypt_
private_ key - Decrypts the provided encrypted private key bytes in place using the
- env_
var_ matches - Returns
trueifnamematches any pattern inpatterns. - extract_
public_ key_ bytes - Extract the public key bytes from a moshpit public key reader
- fingerprint
- Generate the fingerprint for the given key bytes
- init_
tracing - Initialize tracing
- is_
exit_ title - Check if a terminal title indicates an exit command
- load
- Load the configuration
- load_
identity_ key - Load and validate identity key material, decrypting it with
passphrasewhen needed. - load_
private_ key - Load a moshpit key pair from the provided private key path.
- load_
public_ key - Load a moshpit public key from the provided public key path.
- negotiate
- SSH-style “first match wins” algorithm negotiation.
- new_
session_ registry - Create a new, empty
SessionRegistry. - paint_
overlays_ to_ ansi - Emit the ANSI sequences for
overlaysandcursorwithout touching any renderer state. Used by the stdin forwarder to preview predicted keystrokes on top of whatever is currently displayed — without modifying the differential-render baseline. - parse_
server_ destination - Parse the server destination command line option into a
SocketAddr - randomart
- Get the randomart image for the given key bytes
- run_
key_ exchange - Run the client side of the key exchange
- success
- Indicates successful execution of a function, returning exit code 0.
- supported_
algorithms - Returns the complete set of algorithms supported by this build, in server-default preference order (strongest / most broadly compatible first).
- to_
path_ buf - Convert a string to a
PathBuf - validate_
identity_ key_ pair - Validate decrypted identity key material against the public key stored in the key file.
- verify_
fingerprint - Verify a public key fingerprint against the provided key bytes
Type Aliases§
- Host
KeyMismatch Fn - Callback invoked when a known host presents a different key than pinned.
- Session
Registry - Minimal session registry used during key exchange.
- TofuFn
- The callback type for TOFU (Trust-On-First-Use) interactive host key validation.