const crypto = require('crypto');

// Generate RSA key pair
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
  modulusLength: 2048,
  publicKeyEncoding: {
    type: 'spki',
    format: 'pem'
  },
  privateKeyEncoding: {
    type: 'pkcs8',
    format: 'pem'
  }
});

// Message to sign
const message = 'Message to sign with different options';

// Function to sign with specific options
function signWithOptions(algorithm, message, privateKey, options = {}) {
  try {
    // Create private key with options
    const keyWithOptions = {
      key: privateKey,
      ...options
    };
    
    // Sign the message
    const sign = crypto.createSign(algorithm);
    sign.update(message);
    return sign.sign(keyWithOptions, 'hex');
  } catch (error) {
    return `Error: ${error.message}`;
  }
}

console.log(`Message: "${message}"`);
console.log('\nRSA Signatures with Different Options:');

// 1. Standard PKCS#1 v1.5 padding (default)
console.log('\n1. Standard PKCS#1 v1.5 padding:');
const sig1 = signWithOptions('SHA256', message, privateKey);
console.log(sig1);

// 2. PSS padding
console.log('\n2. PSS padding:');
const sig2 = signWithOptions('SHA256', message, privateKey, {
  padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
  saltLength: 32
});
console.log(sig2);

// 3. Different salt lengths with PSS padding
console.log('\n3. PSS padding with different salt lengths:');
[20, 32, 48].forEach(saltLength => {
  try {
    const sigSalt = signWithOptions('SHA256', message, privateKey, {
      padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
      saltLength
    });
    console.log(`Salt length ${saltLength}: ${sigSalt.substring(0, 64)}...`);
  } catch (error) {
    console.log(`Salt length ${saltLength}: Error - ${error.message}`);
  }
});

// 4. Try to use no padding (will likely fail for signatures)
console.log('\n4. No padding (expect error):');
const sig4 = signWithOptions('SHA256', message, privateKey, {
  padding: crypto.constants.RSA_NO_PADDING
});
console.log(sig4);