> I am still upset with the ECDSA problems.
> Here is another one:
> The attached code tends to show that ECDSA message signature (using
> secp160r1 curve is only accurate for messages of length below 21
> characters. All trailing chars are ignored, so if a message of 20
> characters is tampered with additional data, signature verification of
> this new message will still succeed.
> Any comment on that ?

Could you please open an issue on Redmine for this (and assign it to me)?
I'll have a look then, see what's wrong.

Regards,
Martin