This is because OpenSSL, it seems, does not distinguish between DSA/SHA1 and RSA/SHA1. When it comes to verify the correct required_pkey_type in p_verify.c:101, OpenSSL will always compare the type to one of the RSA/SHA1 pkey types.
OpenSSL (without padlock support) uses the flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE to get around this, which is why I have copied that flag from the definition of sha1_md to padlock_sha1_md.
This change is sufficient for "make test" to pass all tests on Ubuntu 12.10 x86_64 and FreeBSD 9.0 amd64.
School of Mathematics and Statistics
University of New South Wales
Sydney NSW 2052