Fix style.

- Use same ancient ES5 style as the rest of the codebase for
  consistency.
- Minor formatting.

Author: davidlehn

tests/security/cve-2025-12816.js

@@ -1,40 +1,39 @@
 'use strict';
 
-const assert = require('assert');
-const forge = require('../../lib/forge');
-const md = require('../../lib/md');
-const pkcs12 = require('../../lib/pkcs12');
-const asn1 = require('../../lib/asn1');
-const pki = require('../../lib/pki');
+var assert = require('assert');
+var md = require('../../lib/md');
+var pkcs12 = require('../../lib/pkcs12');
+var asn1 = require('../../lib/asn1');
+var pki = require('../../lib/pki');
 
 /**
  * Build a minimal certificate-only PKCS#12 (PFX) with a MAC.
  */
 function buildCertOnlyPfxWithMac(password) {
-  const keys = pki.rsa.generateKeyPair({ bits: 1024, e: 0x10001 });
-  const cert = pki.createCertificate();
+  var keys = pki.rsa.generateKeyPair({bits: 1024, e: 0x10001});
+  var cert = pki.createCertificate();
   cert.publicKey = keys.publicKey;
   cert.serialNumber = '01';
   cert.validity.notBefore = new Date();
   cert.validity.notAfter = new Date();
   cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1);
-  cert.setSubject([{ name: 'commonName', value: 'p12-demo' }]);
-  cert.setIssuer([{ name: 'commonName', value: 'p12-demo' }]);
+  cert.setSubject([{name: 'commonName', value: 'p12-demo'}]);
+  cert.setIssuer([{name: 'commonName', value: 'p12-demo'}]);
   cert.sign(keys.privateKey, md.sha256.create());
 
   return pkcs12.toPkcs12Asn1(
     null,
     cert,
     password,
-    { useMac: true, count: 2048, saltSize: 8 }
+    {useMac: true, count: 2048, saltSize: 8}
   );
 }
 
 /**
  * Replace macData node with arbitrary junk.
  */
 function corruptMacData(pfxAsn1) {
-  const clone = asn1.fromDer(asn1.toDer(pfxAsn1).getBytes());
+  var clone = asn1.fromDer(asn1.toDer(pfxAsn1).getBytes());
   // Replace 3rd element (macData) with garbage node
   clone.value[2] = asn1.create(
     asn1.Class.UNIVERSAL,
@@ -45,33 +44,32 @@ function corruptMacData(pfxAsn1) {
   return clone;
 }
 
-describe('PKCS#12 MAC corruption security test', function () {
-  const correctPw = 'correct-horse-battery-staple';
-  const wrongPw = 'wrong-password';
-  let legit;
+describe('PKCS#12 MAC corruption', function() {
+  var correctPw = 'correct-horse-battery-staple';
+  var wrongPw = 'wrong-password';
+  var legit;
 
-  before(function () {
+  before(function() {
     legit = buildCertOnlyPfxWithMac(correctPw);
   });
 
-  it('accepts valid PFX with correct password', function () {
-    assert.doesNotThrow(() => {
-      const obj = pkcs12.pkcs12FromAsn1(legit, true, correctPw);
+  it('should accept valid PFX with correct password', function() {
+    assert.doesNotThrow(function() {
+      var obj = pkcs12.pkcs12FromAsn1(legit, true, correctPw);
       assert(obj, 'pkcs12FromAsn1 should return an object');
     });
   });
 
-  it('rejects valid PFX with wrong password (MAC mismatch)', function () {
-    assert.throws(() => {
+  it('should reject valid PFX with wrong password (MAC mismatch)', function() {
+    assert.throws(function() {
       pkcs12.pkcs12FromAsn1(legit, true, wrongPw);
     }, /MAC|password|verify/i);
   });
 
-  it('rejects tampered PFX with corrupted macData', function () {
-    const tampered = corruptMacData(legit);
-    assert.throws(() => {
+  it('should reject tampered PFX with corrupted macData', function() {
+    var tampered = corruptMacData(legit);
+    assert.throws(function() {
       pkcs12.pkcs12FromAsn1(tampered, true, wrongPw);
     }, /mac|digest|invalid|malformed/i);
   });
 });
-