test RSA signature verification for "short" signatures

Florian Weimer wrote to the OpenPGP mailing list describing a potential implementation failure for one out of every 256 RSA signatures, due to OpenPGP's leading zero stripping and RFC 3447's length check. It would be good to test verification of such a "short" RSA signature against all implementations.