IsAuthenticodeSigned is true, but IsTrustedAuthenticodeSignature is false #288

Open
BerndK opened this issue Aug 11, 2023 · 1 comment

BerndK commented Aug 11, 2023

I had problems when testing Authenticode; the issue is that IsTrustedAuthenticodeSignature is false most of the time (on my files).
I was able to reproduce this with your test files (the Firefox tests fail 2 out of 5):
see PeFileTest.cs. Add the last line to also test IsTrustedAuthenticodeSignature (when using Explorer, the signatures are reported as valid):

```csharp
[SkippableTheory]
[InlineData(@"../../../Binaries/firefox_x86.exe", true)]
[InlineData(@"../../../Binaries/firefox_x64.exe", true)]
[InlineData(@"C:\Windows\System32\kernel32.dll", true)]
[InlineData(@"C:\Windows\explorer.exe", true)]
[InlineData(@"../../../Binaries/TLSCallback_x86.exe", false)]
public void IsSigned_PathToSignedBinary_ReturnsSignedOrNot(string file, bool expected)
{
    Skip.IfNot(RuntimeInformation.IsOSPlatform(OSPlatform.Windows));

    var peFile = new PeFile(file);
    Assert.Equal(expected, peFile.IsAuthenticodeSigned);
    // added line: the trust check fails for two of the signed binaries
    Assert.Equal(expected, peFile.IsTrustedAuthenticodeSignature);
}
```

Obviously `signedCms.CheckSignature(true);` fails.
I forgot to mention that I'm working on Windows, using .NET 7.


BerndK commented Aug 12, 2023

Update:
This works on Framework 4.8, but not on .NET 7.0!
So it might still be the issue discussed here: dotnet/runtime#28252 !?
If this is the case, I think it is hard to fix.

However, IsTrustedAuthenticodeSignature fails on both systems!
Perhaps dotnet/runtime#83478 or https://www.sysadmins.lv/blog-en/retrieve-timestamp-attribute-from-digital-signature.aspx contain some additional info; not sure.

Some suggestions:

  • include the check in the unit tests and make it explicit, to at least document this 'non-perfect' behavior
  • consider caching the AuthenticodeInfo property; it is used by some other properties and is parsed every time. Assuming that the underlying crypto functions like hashing and SignedCms are expensive, this would help to increase performance.
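The thread hinges on the gap between "a signature is present" and "the signature is trusted". The following is an added example (not PeNet's code and not from the issue author) that keeps the two steps apart: the `SignedCms.CheckSignature(true)` call the issue reports as failing, and a separate chain build against the machine trust store with the code-signing EKU. It assumes the caller already extracted the raw PKCS#7 blob from the PE's security directory (WIN_CERTIFICATE.bCertificate), and on .NET 7 it needs the System.Security.Cryptography.Pkcs package.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;

// Added example, not PeNet's own code. Input: the raw PKCS#7 blob from the
// PE's security directory (WIN_CERTIFICATE.bCertificate); obtaining it is
// left to the caller (assumption).
public static class AuthenticodeTrust
{
    const string CodeSigningEku = "1.3.6.1.5.5.7.3.3";  // id-kp-codeSigning
    const string SigningTimeOid = "1.2.840.113549.1.9.5"; // PKCS#9 signingTime

    public static (bool SignatureOk, bool ChainOk, string Detail) Evaluate(byte[] pkcs7)
    {
        var cms = new SignedCms();
        cms.Decode(pkcs7);
        if (cms.SignerInfos.Count == 0) return (false, false, "no SignerInfo");
        var signerInfo = cms.SignerInfos[0];

        // 1. Cryptographic check only (no chain). This is the call the issue
        //    reports as throwing on .NET 7 while passing on .NET Framework 4.8.
        try { cms.CheckSignature(verifySignatureOnly: true); }
        catch (CryptographicException ex) { return (false, false, "CheckSignature: " + ex.Message); }

        var signer = signerInfo.Certificate;
        if (signer is null) return (true, false, "signer certificate not embedded");

        // 2. Evaluate validity at the legacy PKCS#9 countersignature time if one is
        //    present, otherwise at now. RFC 3161 timestamps live in an unsigned
        //    attribute (1.3.6.1.4.1.311.3.3.1) and need separate parsing; an
        //    expired signer with only such a timestamp will fail the chain below.
        DateTime verifyAt = DateTime.Now;
        foreach (SignerInfo cs in signerInfo.CounterSignerInfos)
            foreach (CryptographicAttributeObject attr in cs.SignedAttributes)
                if (attr.Oid.Value == SigningTimeOid && attr.Values.Count > 0)
                    verifyAt = new Pkcs9SigningTime(attr.Values[0].RawData).SigningTime;

        // 3. Chain to the machine trust store and require the code-signing EKU;
        //    this is what "trusted" should mean, independent of step 1.
        using var chain = new X509Chain();
        chain.ChainPolicy.ApplicationPolicy.Add(new Oid(CodeSigningEku));
        chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
        chain.ChainPolicy.VerificationTime = verifyAt;
        chain.ChainPolicy.ExtraStore.AddRange(cms.Certificates); // embedded intermediates
        bool chainOk = chain.Build(signer);
        string detail = chainOk ? "ok" : string.Join(",", chain.ChainStatus.Select(s => s.Status.ToString()));
        return (true, chainOk, detail);
    }
}
```

Comparing the two booleans against IsAuthenticodeSigned and IsTrustedAuthenticodeSignature for the same file shows whether a failure comes from the signature check or from chain building.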
