sign(data, SHA256withRSA) != sign(hash, NONEwithRSA)
Quite funny that after a few months offline I find the fun in writing a small article about an investigation which is still about security. My task was to find how I could replicate the signature performed with an old applet and a proprietary library which used a hardware token in javascript using a new api provided by a different party. The old applet just signed a hash and I had to find the way to implement this with the new api....