1 files changed, 35 insertions, 33 deletions
diff --git a/crypto/src/pqc/crypto/lms/HSSSignature.cs b/crypto/src/pqc/crypto/lms/HSSSignature.cs
index 21f0397c8..bbf0c6f0f 100644
--- a/crypto/src/pqc/crypto/lms/HSSSignature.cs
+++ b/crypto/src/pqc/crypto/lms/HSSSignature.cs
@@ -1,5 +1,6 @@
 using System;
 using System.IO;
+using System.Text;
 
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.IO;
@@ -13,6 +14,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Lms
         private readonly LmsSignedPubKey[] m_signedPubKey;
         private readonly LmsSignature m_signature;
 
+        // TODO[api] signedPubKeys
         public HssSignature(int lMinus1, LmsSignedPubKey[] signedPubKey, LmsSignature signature)
         {
             m_lMinus1 = lMinus1;
@@ -29,48 +31,48 @@ namespace Org.BouncyCastle.Pqc.Crypto.Lms
         public static HssSignature GetInstance(object src, int L)
         {
             if (src is HssSignature hssSignature)
-            {
                 return hssSignature;
-            }
-            else if (src is BinaryReader binaryReader)
-            {
-                int lminus = BinaryReaders.ReadInt32BigEndian(binaryReader);
-                if (lminus != L - 1)
-                    throw new Exception("nspk exceeded maxNspk");
 
-                LmsSignedPubKey[] signedPubKeys = new LmsSignedPubKey[lminus];
-                if (lminus != 0)
-                {
-                    for (int t = 0; t < signedPubKeys.Length; t++)
-                    {
-                        signedPubKeys[t] = new LmsSignedPubKey(LmsSignature.GetInstance(src),
-                            LmsPublicKeyParameters.GetInstance(src));
-                    }
-                }
+            if (src is BinaryReader binaryReader)
+                return Parse(L, binaryReader);
 
-                LmsSignature sig = LmsSignature.GetInstance(src);
+            if (src is Stream stream)
+                return Parse(L, stream, leaveOpen: true);
 
-                return new HssSignature(lminus, signedPubKeys, sig);
-            }
-            else if (src is byte[] bytes)
+            if (src is byte[] bytes)
+                return Parse(L, new MemoryStream(bytes, false), leaveOpen: false);
+
+            throw new ArgumentException($"cannot parse {src}");
+        }
+
+        internal static HssSignature Parse(int L, BinaryReader binaryReader)
+        {
+            int lMinus1 = BinaryReaders.ReadInt32BigEndian(binaryReader);
+            if (lMinus1 != L - 1)
+                throw new Exception("nspk exceeded maxNspk");
+
+            var signedPubKeys = new LmsSignedPubKey[lMinus1];
+            for (int t = 0; t < lMinus1; t++)
             {
-                BinaryReader input = null;
-                try // 1.5 / 1.6 compatibility
-                {
-                    input = new BinaryReader(new MemoryStream(bytes));
-                    return GetInstance(input, L);
-                }
-                finally
-                {
-                    if (input != null) input.Close();
-                }
+                var signature = LmsSignature.Parse(binaryReader);
+                var publicKey = LmsPublicKeyParameters.Parse(binaryReader);
+
+                signedPubKeys[t] = new LmsSignedPubKey(signature, publicKey);
             }
-            else if (src is MemoryStream memoryStream)
+
             {
-                return GetInstance(Streams.ReadAll(memoryStream), L);
+                var signature = LmsSignature.Parse(binaryReader);
+
+                return new HssSignature(lMinus1, signedPubKeys, signature);
             }
+        }
 
-            throw new ArgumentException($"cannot parse {src}");
+        private static HssSignature Parse(int L, Stream stream, bool leaveOpen)
+        {
+            using (var binaryReader = new BinaryReader(stream, Encoding.UTF8, leaveOpen))
+            {
+                return Parse(L, binaryReader);
+            }
         }
 
         public int GetLMinus1()