hash_head is broken

[singpolyma]

hash_head is supposed to be the first 16 bits of the hash that was signed over. In the Crypto version it's currently the first 16 bits of the signature. I think this is wrong, especially since there's no reasonable interpretation of that in the context of DSA. The CryptoAPI submodule currently sets hash_head to 0.

[singpolyma]

This is hard to test for sure, because gpg completely ignores hash_head in signature verification. As do all the libraries I have written.

I have updated Data.OpenPGP.Crypto to use the front of the signed data, but maybe it's supposed to be the front of the unpadded hash? Hard to say.