I've managed to make some more progress by decoding the signature before passing it to RSASHAVerify, as follows:
set tX509 = ##class(%SYS.X509Credentials).GetByAlias("Cert")
set tData = "hello"
set tSignature = "CUBMPlVbEKbjFg0nUNz3pwuSwq7tJPg4obsj6LpwbMsEQaDNNw/93V9X0BdgBVzoWN1K7XrG1WX1focFj+EIkeXOJJF7KjQv4p9Xc8JT0wWZ9ivw0+pYvBtMSzP9JEVzapt2Cr+QoBT47yEMeCAxt7Ka7q7xLpxxpAvDQ+QE3Mg="
set tSignature = $system.Encryption.Base64Decode(tSignature)
set isValid = $SYSTEM.Encryption.RSASHAVerify(256, tData, tSignature, tX509.Certificate)
w "isValid: " _ isValid
which provides the output:
error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01;error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed;
Thank you Mclean,
The string "hello" is actually a dummy value that i have added (not allowed to disclose actual value due to sensitivity of data).The signature comes from a third party connecting to us, they did supply me with C# code that verified the signature successfully.
What I can say though is that tried the method ($SYSTEM.Encryption.RSAGetLastError()) you mentioned above and it responded with the following:
error:04091077:rsa routines:INT_RSA_VERIFY:wrong signature length;
Log in or create a new account to continue