Cleanup code, remove commented out debug code

scram/client.nim

@@ -54,9 +54,6 @@ proc prepareFinalMessage*[T](s: ScramClient[T], password, serverFirstMessage: st
     iterations: int
   var matches: array[3, string]
   if match(serverFirstMessage, SERVER_FIRST_MESSAGE, matches):
-    #nonce = matches[0]
-    #salt = base64.decode(matches[1])
-    #iterations = parseInt(matches[2])
     for kv in serverFirstMessage.split(','):
       if kv[0..1] == "i=":
         iterations = parseInt(kv[2..^1])
@@ -86,19 +83,6 @@ proc prepareFinalMessage*[T](s: ScramClient[T], password, serverFirstMessage: st
   var clientProof = clientKey
   clientProof ^= clientSignature
   s.state = FINAL_PREPARED
-  # echo &"client password        {password}"
-  # echo &"client salt            {salt}"
-  # echo &"client iterations      {iterations}"
-  # echo &"client saltedPassword  {base64.encode(saltedPassword)}"
-  # echo &"client clientKey       {base64.encode(clientKey)}"
-  # echo &"client storedKey       {base64.encode(storedKey)}"
-  # echo &"client serverKey       {base64.encode(serverKey)}"
-  # echo &"client authMessage.1   {s.clientFirstMessageBare}"
-  # echo &"client authMessage.2   {serverFirstMessage}"
-  # echo &"client authMessage.3   {clientFinalMessageWithoutProof}"
-  # echo &"client authMessage     {authMessage}"
-  # echo &"client clientSignature {base64.encode(clientSignature)}"
-  # echo &"client clientProof     {base64.encode(clientProof)}"
   when NimMajor >= 1 and (NimMinor >= 1 or NimPatch >= 2):
     clientFinalMessageWithoutProof & ",p=" & base64.encode(clientProof)
   else:
@@ -114,7 +98,6 @@ proc verifyServerFinalMessage*(s: ScramClient, serverFinalMessage: string): bool
     for kv in serverFinalMessage.split(','):
       if kv[0..1] == "v=":
         proposedServerSignature = base64.decode(kv[2..^1])
-    #let proposedServerSignature = base64.decode(matches[0])
     s.isSuccessful = proposedServerSignature == $%s.serverSignature
   s.isSuccessful
 

scram/server.nim

@@ -31,14 +31,6 @@ proc initUserData*[T](typ: typedesc[T], password: string, iterations = 4096): Us
     storedKey = HASH[T]($%clientKey)
     serverKey = HMAC[T]($%saltedPassword, SERVER_KEY)
 
-  # echo &"server password        {password}"
-  # echo &"server salt            {salt}"
-  # echo &"server iterations      {iterations}"
-  # echo &"server saltedPassword  {base64.encode(saltedPassword)}"
-  # echo &"server clientKey       {base64.encode(clientKey)}"
-  # echo &"server serverKey       {base64.encode(serverKey)}"
-  # echo &"server storedKey       {base64.encode(storedKey)}"
-
   result.salt = base64.encode(salt)
   result.iterations = iterations
   result.storedKey = base64.encode($%storedKey)
@@ -59,19 +51,10 @@ proc newScramServer*[T](): ScramServer[T] {.deprecated: "use `new ScramServer[T]
 proc handleClientFirstMessage*[T](s: ScramServer[T],clientFirstMessage: string): string =
   let parts = clientFirstMessage.split(',', 2)
   var matches: array[3, string]
-  # echo &"client first message {clientFirstMessage}"
   if not match(clientFirstMessage, CLIENT_FIRST_MESSAGE, matches) or not parts.len == 3:
     s.state = ENDED
     return
-  # echo &"client first message matches {matches}"
   s.clientFirstMessageBare = parts[2]
-  # Disabled code until this is resolved
-  # <https://github.com/nim-lang/Nim/issues/19104>
-  #s.serverNonce = matches[2] & makeNonce()
-  #echo &"s.serverNonce = {s.serverNonce}"
-  #echo &"username      = {matches[1]}"
-  #s.state = FIRST_CLIENT_MESSAGE_HANDLED
-  #matches[1] # username
 
   s.state = FIRST_CLIENT_MESSAGE_HANDLED
   for kv in s.clientFirstMessageBare.split(','):
@@ -84,20 +67,13 @@ proc prepareFirstMessage*(s: ScramServer, userData: UserData): string =
   s.state = FIRST_PREPARED
   s.userData = userData
   s.serverFirstMessage = "r=$#,s=$#,i=$#" % [s.serverNonce, userData.salt, $userData.iterations]
-  # echo &"server first message: {s.serverFirstMessage}"
   s.serverFirstMessage
 
 proc prepareFinalMessage*[T](s: ScramServer[T], clientFinalMessage: string): string =
   var matches: array[4, string]
-  # echo &"client final message {clientFinalMessage}"
   if not match(clientFinalMessage, CLIENT_FINAL_MESSAGE, matches):
     s.state = ENDED
     return
-  # echo &"client final message matches {matches}"
-  #let
-  #  clientFinalMessageWithoutProof = matches[0]
-  #  nonce = matches[2]
-  #  proof = matches[3]
   var clientFinalMessageWithoutProof, nonce, proof: string
   for kv in clientFinalMessage.split(','):
     if kv[0..1] == "p=":
@@ -111,7 +87,6 @@ proc prepareFinalMessage*[T](s: ScramServer[T], clientFinalMessage: string): str
 
   if nonce != s.serverNonce:
     s.state = ENDED
-    # echo &"nonce mismatch {nonce} != {s.serverNonce}"
     return
 
   let
@@ -121,24 +96,12 @@ proc prepareFinalMessage*[T](s: ScramServer[T], clientFinalMessage: string): str
     serverSignature = HMAC[T](decode(s.userData.serverKey), authMessage)
     decodedProof = base64.decode(proof)
     clientKey = custom_xor(clientSignature, decodedProof)
-  #var clientKey = $clientSignature
-  #clientKey ^= decodedProof
   let resultKey = HASH[T](clientKey).raw_str
-  # echo &"server storedKey       {base64.encode(storedKey)}"
-  # echo &"server resultKey       {base64.encode(resultKey)}"
-  # echo &"server authMessage.1   {s.clientFirstMessageBare}"
-  # echo &"server authMessage.2   {s.serverFirstMessage}"
-  # echo &"server authMessage.3   {clientFinalMessageWithoutProof}"
-  # echo &"server authMessage     {authMessage}"
-  # echo &"server clientSignature {base64.encode(clientSignature)}"
-  # echo &"server clientKey       {base64.encode(clientKey)} .len = {clientKey.len} {$typeof(clientSignature)}"
-  # echo &"server decodedProof    {base64.encode(decodedProof)} .len = {decodedProof.len}"
 
   # SECURITY: constant time HMAC check
   if not constantTimeEqual(resultKey, storedKey):
     let k1 = base64.encode(resultKey)
     let k2 = base64.encode(storedKey)
-    # echo &"key mismatch {k1} != {k2}"
     return
 
   s.isSuccessful = true
@@ -147,7 +110,6 @@ proc prepareFinalMessage*[T](s: ScramServer[T], clientFinalMessage: string): str
     result = "v=" & base64.encode(serverSignature)
   else:
     result = "v=" & base64.encode(serverSignature, newLine="")
-  # echo &"server final message: {result}"
 
 
 proc isSuccessful*(s: ScramServer): bool =