zerodds_security/
logging.rs

1// SPDX-License-Identifier: Apache-2.0
2// Copyright 2026 ZeroDDS Contributors
3
4//! Logging plugin SPI (OMG DDS-Security 1.1 §8.6).
5//!
6//! Separate plugin slot for security events — important for audits,
7//! pen tests, forensics. Separated from general application logging
8//! so that security-critical events do not accidentally get lost under
9//! the debug flag.
10//!
11//! zerodds-lint: allow no_dyn_in_safe
12//! (The plugin SPI needs `Box<dyn LoggingPlugin>`.)
13
14extern crate alloc;
15
16use alloc::boxed::Box;
17
18/// Severity of a security event (spec §8.6.3 table 36).
19#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
20#[repr(u8)]
21pub enum LogLevel {
22    /// Security emergency (auth handshake failed, key-exchange break).
23    Emergency = 0,
24    /// Alert.
25    Alert = 1,
26    /// Critical.
27    Critical = 2,
28    /// Error.
29    Error = 3,
30    /// Warning.
31    Warning = 4,
32    /// Notice.
33    Notice = 5,
34    /// Informational.
35    Informational = 6,
36    /// Debug.
37    Debug = 7,
38}
39
40/// Logging plugin (spec §8.6.2.1).
41pub trait LoggingPlugin: Send + Sync {
42    /// Log a security event.
43    ///
44    /// Spec §8.6.2.1.1 `log`. `participant` identifies the affected
45    /// participant (GUID bytes, 16 octets). `category` is a
46    /// plugin-specific string ("auth.handshake.failed" etc.).
47    fn log(&self, level: LogLevel, participant: [u8; 16], category: &str, message: &str);
48
49    /// Plugin class id (e.g. "DDS:Logging:DDS_LogTopic" for the
50    /// spec-intended LogTopic dispatch).
51    fn plugin_class_id(&self) -> &str;
52}
53
54/// Factory alias.
55pub type LoggingPluginBox = Box<dyn LoggingPlugin>;
56
57#[cfg(test)]
58mod tests {
59    use super::*;
60
61    #[test]
62    fn log_levels_order_correctly() {
63        assert!(LogLevel::Emergency < LogLevel::Warning);
64        assert!(LogLevel::Debug > LogLevel::Error);
65    }
66}
zerodds_security/logging.rs

zerodds_security/
logging.rs
