diff --git a/src/encrypt.c b/src/encrypt.c
index a796c980..d8ce3b4a 100644
--- a/src/encrypt.c
+++ b/src/encrypt.c
@@ -30,6 +30,7 @@
 
 #include <openssl/md5.h>
 #include <openssl/rand.h>
+#include <openssl/hmac.h>
 
 #elif defined(USE_CRYPTO_POLARSSL)
 
@@ -1532,8 +1533,13 @@ int ss_check_hash(char **buf_ptr, ssize_t *buf_len, struct chunk *chunk, struct
             uint32_t c = htonl(chunk->counter);
             memcpy(key, ctx->evp.iv, enc_iv_len);
             memcpy(key + enc_iv_len, &c, sizeof(uint32_t));
+#if defined(USE_CRYPTO_OPENSSL)
+            HMAC(EVP_sha1(), key, enc_iv_len + sizeof(uint32_t),
+                    (uint8_t *)chunk->buf + AUTH_BYTES, chunk->len, hash, NULL);
+#else
             sha1_hmac(key, enc_iv_len + sizeof(uint32_t),
                     (uint8_t *)chunk->buf + AUTH_BYTES, chunk->len, hash);
+#endif
 
             if (memcmp(hash, chunk->buf + CLEN_BYTES, ONETIMEAUTH_BYTES) != 0) {
                 *buf_ptr = buf;
@@ -1574,7 +1580,11 @@ char *ss_gen_hash(char *buf, ssize_t *buf_len, uint32_t *counter, struct enc_ctx
     uint32_t c = htonl(*counter);
     memcpy(key, ctx->evp.iv, enc_iv_len);
     memcpy(key + enc_iv_len, &c, sizeof(uint32_t));
+#if defined(USE_CRYPTO_OPENSSL)
+    HMAC(EVP_sha1(), key, enc_iv_len + sizeof(uint32_t), (uint8_t *)buf, blen, hash, NULL);
+#else
     sha1_hmac(key, enc_iv_len + sizeof(uint32_t), (uint8_t *)buf, blen, hash);
+#endif
 
     memmove(buf + AUTH_BYTES, buf, blen);
     memcpy(buf + CLEN_BYTES, hash, ONETIMEAUTH_BYTES);
diff --git a/src/hmac-sha1.c b/src/hmac-sha1.c
index f5a876fd..5a707407 100644
--- a/src/hmac-sha1.c
+++ b/src/hmac-sha1.c
@@ -30,8 +30,6 @@
 #include "hmac-sha1.h"
 
 
-
-
 /*
  * SHA-1 context setup
  */