I have found that if a certain certificate imported into the Windows Cert store will cause Signature & Verify failure.
The failure is something like "BER decoding error".
That certificate has no relation with the signature,it's not the cert used by signature or verify.
But if remove the cert from cert store,that's all ok.
Does someone know the reason?
"BER" is a compact encoding scheme used for many types of binary data, including digital certificates. Unfortunately it tends to 'just fall down' if incorrect or corrupted data is presented to it, and presumably that's what is happening here. I would start by assuming that the certificate data is somehow corrupted, remove the certificate and verify that the problem goes away. Then obtain the certificate again from its original source, install it, and see what happens.
You ought to be able to systematically isolate the problem with a little "gumshoe work." Be very careful that you "don't assume." Methodically and pedantically test everything, keeping notes as you do so.