sign_pss and verify_pss need to digest the data before calling into their respective wolfCrypt functions. Those wolfCrypt functions expect digests, not plaintext.
RsaPrivate make_key should take an optional hash_type parameter for the case where the key will be used to create PSS signatures.
test_rsa_pss_sign_verify appears to have been deliberately coded to have the input plaintext length line up with the digest size, which masked the problem where we weren't digesting the plaintext. I modified the plaintext so that this is no longer the case.