From a5728b15f9abcead6561115169661702a4285eed Mon Sep 17 00:00:00 2001
From: JohnE <git@malloc.io>
Date: Fri, 13 Mar 2026 20:03:04 -0700
Subject: [PATCH] NEW: macro debug to bridge logging accross FFI boundaries

---
 rust/Cargo.toml        |  1 +
 rust/src/api/crypto.rs | 23 +++++++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/rust/Cargo.toml b/rust/Cargo.toml
index 0e4b1b0..06083d9 100644
--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -13,3 +13,4 @@ crate-type = ["cdylib", "staticlib"]
 ccc-crypto-core = { path = "/Volumes/LUM/source/letusmsg_proj/app/lum_ccc_rust/crates/ccc-crypto-core" }
 ccc-crypto-wolfssl = { path = "/Volumes/LUM/source/letusmsg_proj/app/lum_ccc_rust/crates/ccc-crypto-wolfssl" }
 flutter_rust_bridge = "=2.11.1"
+log = "0.4"
diff --git a/rust/src/api/crypto.rs b/rust/src/api/crypto.rs
index b99e677..b2f511e 100644
--- a/rust/src/api/crypto.rs
+++ b/rust/src/api/crypto.rs
@@ -7,6 +7,15 @@ use ccc_crypto_wolfssl::WolfSslProvider;
 
 use crate::api::dto::*;
 
+/// Trace-level bridge logging. Visible only when `RUST_LOG=trace` (or
+/// equivalent) is set; compiled out in release builds when the `log` crate's
+/// `release_max_level_off` feature is enabled.
+macro_rules! dbg_bridge {
+    ($($arg:tt)*) => {
+        log::trace!("[ccc-bridge] {}", format!($($arg)*));
+    };
+}
+
 // ── Helpers ──────────────────────────────────────────────────────────────────
 
 /// Default provider name used when the caller doesn't specify one.
@@ -41,10 +50,12 @@ fn kem_provider() -> &'static WolfSslProvider {
 /// Registers the wolfSSL provider in the global registry.
 /// Safe to call multiple times (idempotent).
 pub fn ccc_init() {
+    dbg_bridge!("ccc_init: enter");
     flutter_rust_bridge::setup_default_user_utils();
     if !ProviderRegistry::global().contains(DEFAULT_PROVIDER) {
         ccc_crypto_wolfssl::init();
     }
+    dbg_bridge!("ccc_init: exit");
 }
 
 // ── Provider info ────────────────────────────────────────────────────────────
@@ -52,11 +63,13 @@ pub fn ccc_init() {
 /// List all registered provider names.
 #[flutter_rust_bridge::frb(sync)]
 pub fn ccc_list_providers() -> Vec<String> {
+    dbg_bridge!("ccc_list_providers");
     ProviderRegistry::global().list()
 }
 
 /// Return the capabilities of the default provider.
 pub fn ccc_capabilities() -> Result<CccCapabilities, CccCryptoError> {
+    dbg_bridge!("ccc_capabilities");
     let provider = default_provider()?;
     Ok(CccCapabilities::from(provider.capabilities()))
 }
@@ -73,6 +86,7 @@ pub fn ccc_aead_encrypt(
     plaintext: Vec<u8>,
     aad: Vec<u8>,
 ) -> Result<Vec<u8>, CccCryptoError> {
+    dbg_bridge!("ccc_aead_encrypt: pt_len={}", plaintext.len());
     let provider = default_provider()?;
     Ok(provider.encrypt_aead(algorithm.to_core(), &key, &nonce, &plaintext, &aad)?)
 }
@@ -87,6 +101,7 @@ pub fn ccc_aead_decrypt(
     ciphertext: Vec<u8>,
     aad: Vec<u8>,
 ) -> Result<Vec<u8>, CccCryptoError> {
+    dbg_bridge!("ccc_aead_decrypt: ct_len={}", ciphertext.len());
     let provider = default_provider()?;
     Ok(provider.decrypt_aead(algorithm.to_core(), &key, &nonce, &ciphertext, &aad)?)
 }
@@ -101,6 +116,7 @@ pub fn ccc_kdf_derive(
     info: Vec<u8>,
     length: u32,
 ) -> Result<Vec<u8>, CccCryptoError> {
+    dbg_bridge!("ccc_kdf_derive: length={}", length);
     let provider = default_provider()?;
     let derived = provider.derive_key(
         algorithm.to_core(),
@@ -121,6 +137,7 @@ pub fn ccc_mac_compute(
     key: Vec<u8>,
     data: Vec<u8>,
 ) -> Result<Vec<u8>, CccCryptoError> {
+    dbg_bridge!("ccc_mac_compute: data_len={}", data.len());
     let provider = default_provider()?;
     Ok(provider.compute_mac(algorithm.to_core(), &key, &data)?)
 }
@@ -132,6 +149,7 @@ pub fn ccc_mac_verify(
     data: Vec<u8>,
     mac: Vec<u8>,
 ) -> Result<bool, CccCryptoError> {
+    dbg_bridge!("ccc_mac_verify: data_len={}", data.len());
     let provider = default_provider()?;
     Ok(provider.verify_mac(algorithm.to_core(), &key, &data, &mac)?)
 }
@@ -143,6 +161,7 @@ pub fn ccc_hash(
     algorithm: CccHashAlgorithm,
     data: Vec<u8>,
 ) -> Result<Vec<u8>, CccCryptoError> {
+    dbg_bridge!("ccc_hash: data_len={}", data.len());
     let provider = default_provider()?;
     Ok(provider.hash(algorithm.to_core(), &data)?)
 }
@@ -153,6 +172,7 @@ pub fn ccc_hash(
 pub fn ccc_kem_generate_keypair(
     algorithm: CccKemAlgorithm,
 ) -> Result<CccKemKeyPair, CccCryptoError> {
+    dbg_bridge!("ccc_kem_generate_keypair");
     let kp = kem_provider().generate_keypair(algorithm.to_core())?;
     Ok(CccKemKeyPair::from(kp))
 }
@@ -162,6 +182,7 @@ pub fn ccc_kem_encapsulate(
     algorithm: CccKemAlgorithm,
     public_key: Vec<u8>,
 ) -> Result<CccKemEncapResult, CccCryptoError> {
+    dbg_bridge!("ccc_kem_encapsulate");
     let result = kem_provider().encapsulate(algorithm.to_core(), &public_key)?;
     Ok(CccKemEncapResult::from(result))
 }
@@ -172,6 +193,7 @@ pub fn ccc_kem_decapsulate(
     private_key: Vec<u8>,
     ciphertext: Vec<u8>,
 ) -> Result<Vec<u8>, CccCryptoError> {
+    dbg_bridge!("ccc_kem_decapsulate");
     let ss = kem_provider().decapsulate(algorithm.to_core(), &private_key, &ciphertext)?;
     Ok(ss.to_vec())
 }
@@ -180,6 +202,7 @@ pub fn ccc_kem_decapsulate(
 
 /// Run the provider self-test and return a structured report.
 pub fn ccc_self_test() -> Result<CccSelfTestReport, CccCryptoError> {
+    dbg_bridge!("ccc_self_test");
     let provider = default_provider()?;
     Ok(CccSelfTestReport::from(provider.self_test()))
 }