From e8c117aa01ac48fa2cf022810543bd97a0e44e57 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@anytun.org>
Date: Sat, 21 Jun 2014 16:48:26 +0000
Subject: refactored crypto lib selection

---
 src/auth_algo.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'src/auth_algo.h')

diff --git a/src/auth_algo.h b/src/auth_algo.h
index c3caaa6..2c20410 100644
--- a/src/auth_algo.h
+++ b/src/auth_algo.h
@@ -36,10 +36,10 @@
 #ifndef UANYTUN_auth_algo_h_INCLUDED
 #define UANYTUN_auth_algo_h_INCLUDED
 
-#ifndef USE_SSL_CRYPTO
-#include <gcrypt.h>
-#else
+#ifdef USE_SSL_CRYPTO
 #include <openssl/hmac.h>
+#else  // USE_GCRYPT is the default
+#include <gcrypt.h>
 #endif
 #include "key_derivation.h"
 #include "encrypted_packet.h"
@@ -66,10 +66,10 @@ int auth_algo_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivation_di
 #define SHA1_LENGTH 20
 
 struct auth_algo_sha1_param_struct {
-#ifndef USE_SSL_CRYPTO
-  gcry_md_hd_t handle_;
-#else
+#ifdef USE_SSL_CRYPTO
   HMAC_CTX ctx_;
+#else  // USE_GCRYPT is the default
+  gcry_md_hd_t handle_;
 #endif
 };
 typedef struct auth_algo_sha1_param_struct auth_algo_sha1_param_t;
-- 
cgit v1.2.3


From 01ef67da5564e1dcb380adead3e7f869fa3be2c8 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@anytun.org>
Date: Sat, 21 Jun 2014 18:26:51 +0000
Subject: added defines for nettle as crypto lib further improved selection of
 crypto lib

---
 README               | 10 ++++++++--
 src/auth_algo.c      | 22 ++++++++++++++++++----
 src/auth_algo.h      |  9 +++++++--
 src/cipher.c         | 24 ++++++++++++++++++++----
 src/cipher.h         |  9 +++++++--
 src/configure        | 13 +++++++++++--
 src/init_crypt.h     | 10 +++++++++-
 src/key_derivation.c | 41 ++++++++++++++++++++++++++++++++---------
 src/key_derivation.h |  9 +++++++--
 9 files changed, 119 insertions(+), 28 deletions(-)

(limited to 'src/auth_algo.h')

diff --git a/README b/README
index 10c3b10..dc07a11 100644
--- a/README
+++ b/README
@@ -1,8 +1,8 @@
 Dependencies
 ============
 
-uAnytun can be built by using either libgcrypt or the openssl-crypto library.
-The latter is more performant in most cases but there are some license
+uAnytun can be built by using either libgcrypt, libnettle or the openssl-crypto
+library. The latter is more performant in most cases but there are some license
 issues when using this library. It also needs more space when installed.
 
 
@@ -20,7 +20,13 @@ using ssl crypto library:
  build-essential
  libssl-dev
 
+using nettle crypto library:
+
+ build-essential
+ nettle-dev
+
 if you want clang as compiler
+
  clang
 
 if you want to rebuild the manpage:
diff --git a/src/auth_algo.c b/src/auth_algo.c
index 8ee3f49..87ea472 100644
--- a/src/auth_algo.c
+++ b/src/auth_algo.c
@@ -154,9 +154,12 @@ int auth_algo_sha1_init(auth_algo_t* aa)
 
   auth_algo_sha1_param_t* params = aa->params_;
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   HMAC_CTX_init(&params->ctx_);
   HMAC_Init_ex(&params->ctx_, NULL, 0, EVP_sha1(), NULL);
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   gcry_error_t err = gcry_md_open(&params->handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
   if(err) {
@@ -176,8 +179,11 @@ void auth_algo_sha1_close(auth_algo_t* aa)
   if(aa->params_) {
     auth_algo_sha1_param_t* params = aa->params_;
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
     HMAC_CTX_cleanup(&params->ctx_);
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
     if(params->handle_)
       gcry_md_close(params->handle_);
@@ -207,12 +213,16 @@ void auth_algo_sha1_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivati
   if(ret < 0)
     return;
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   HMAC_Init_ex(&params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
 
   u_int8_t hmac[SHA1_LENGTH];
   HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
   HMAC_Final(&params->ctx_, hmac, NULL);
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+  u_int8_t hmac[SHA1_LENGTH];
+
 #else  // USE_GCRYPT is the default
   gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_);
   if(err) {
@@ -255,12 +265,16 @@ int auth_algo_sha1_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivati
   if(ret < 0)
     return 0;
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   HMAC_Init_ex(&params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
 
   u_int8_t hmac[SHA1_LENGTH];
   HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
   HMAC_Final(&params->ctx_, hmac, NULL);
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+  u_int8_t hmac[SHA1_LENGTH];
+
 #else  // USE_GCRYPT is the default
   gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_);
   if(err) {
diff --git a/src/auth_algo.h b/src/auth_algo.h
index 2c20410..e800c8e 100644
--- a/src/auth_algo.h
+++ b/src/auth_algo.h
@@ -36,8 +36,10 @@
 #ifndef UANYTUN_auth_algo_h_INCLUDED
 #define UANYTUN_auth_algo_h_INCLUDED
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
 #include <openssl/hmac.h>
+#elif defined(USE_NETTLE)
+#include <nettle/hmac.h>
 #else  // USE_GCRYPT is the default
 #include <gcrypt.h>
 #endif
@@ -66,8 +68,11 @@ int auth_algo_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivation_di
 #define SHA1_LENGTH 20
 
 struct auth_algo_sha1_param_struct {
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   HMAC_CTX ctx_;
+#elif defined(USE_NETTLE)
+      // TOOD: nettle
+
 #else  // USE_GCRYPT is the default
   gcry_md_hd_t handle_;
 #endif
diff --git a/src/cipher.c b/src/cipher.c
index 03449a0..a2e7f5e 100644
--- a/src/cipher.c
+++ b/src/cipher.c
@@ -210,7 +210,12 @@ int cipher_aesctr_init(cipher_t* c)
   if(!c->params_)
     return -2;
 
-#ifdef USE_GCRYPT
+#if defined(USE_SSL_CRYPTO)
+  // nothing here
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
+#else  // USE_GCRYPT is the default
   int algo;
   switch(c->key_length_) {
   case 128: algo = GCRY_CIPHER_AES128; break;
@@ -239,7 +244,12 @@ void cipher_aesctr_close(cipher_t* c)
     return;
 
   if(c->params_) {
-#ifdef USE_GCRYPT
+#if defined(USE_SSL_CRYPTO)
+    // nothing here
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
+#else  // USE_GCRYPT is the default
     cipher_aesctr_param_t* params = c->params_;
     gcry_cipher_close(params->handle_);
 #endif
@@ -285,12 +295,15 @@ int32_t cipher_aesctr_crypt(cipher_t* c, key_derivation_t* kd, key_derivation_di
   if(ret < 0)
     return ret;
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   ret = AES_set_encrypt_key(c->key_.buf_, c->key_length_, &params->aes_key_);
   if(ret) {
     log_printf(ERROR, "failed to set cipher key (code: %d)", ret);
     return -1;
   }
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   gcry_error_t err = gcry_cipher_setkey(params->handle_, c->key_.buf_, c->key_.length_);
   if(err) {
@@ -305,7 +318,7 @@ int32_t cipher_aesctr_crypt(cipher_t* c, key_derivation_t* kd, key_derivation_di
     return ret;
   }
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   if(C_AESCTR_CTR_LENGTH != AES_BLOCK_SIZE) {
     log_printf(ERROR, "failed to set cipher CTR: size doesn't fit");
     return -1;
@@ -313,6 +326,9 @@ int32_t cipher_aesctr_crypt(cipher_t* c, key_derivation_t* kd, key_derivation_di
   u_int32_t num = 0;
   memset(params->ecount_buf_, 0, AES_BLOCK_SIZE);
   AES_ctr128_encrypt(in, out, (ilen < olen) ? ilen : olen, &params->aes_key_, params->ctr_.buf_, params->ecount_buf_, &num);
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   err = gcry_cipher_setctr(params->handle_, params->ctr_.buf_, C_AESCTR_CTR_LENGTH);
   if(err) {
diff --git a/src/cipher.h b/src/cipher.h
index d4506d4..8221a3c 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -37,8 +37,10 @@
 #define UANYTUN_cipher_h_INCLUDED
 
 #ifndef NO_CRYPT
-#ifndef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
 #include <openssl/aes.h>
+#elif defined(USE_NETTLE)
+#include <nettle/aes.h>
 #else  // USE_GCRYPT is the default
 #include <gcrypt.h>
 #endif
@@ -94,9 +96,12 @@ union __attribute__((__packed__)) cipher_aesctr_ctr_union {
 typedef union cipher_aesctr_ctr_union cipher_aesctr_ctr_t;
 
 struct cipher_aesctr_param_struct {
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   AES_KEY aes_key_;
   u_int8_t ecount_buf_[AES_BLOCK_SIZE];
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   gcry_cipher_hd_t handle_;
 #endif
diff --git a/src/configure b/src/configure
index f764f89..04d5ac2 100755
--- a/src/configure
+++ b/src/configure
@@ -61,7 +61,8 @@ print_usage() {
   echo "          --examplesdir=<DIR>       the path to the examples files (default: $PREFIX/share/examples)"
   echo "          --no-examples             dont't install example files"
   echo "          --use-gcrypt              use libgcrypt (this is the default)"
-  echo "          --use-ssl-crypto          use ssl crypto library instead of libgcrypt"
+  echo "          --use-nettle              use libnettle instead of libgcrypt"
+  echo "          --use-ssl-crypto          use openssl crypto library instead of libgcrypt"
   echo "          --no-crypto               disable crypto at all (only NULL cipher)"
   echo "          --disable-passphrase      disable master key and salt passphrase"
   echo "          --enable-passphrase       enable master key and salt passphrase"
@@ -101,6 +102,9 @@ do
   --use-gcrypt)
     CRYPTO_LIB='gcrypt'
   ;;
+  --use-nettle)
+    CRYPTO_LIB='nettle'
+  ;;
   --use-ssl-crypto)
     CRYPTO_LIB='ssl'
   ;;
@@ -171,7 +175,12 @@ case $CRYPTO_LIB in
   gcrypt)
     CFLAGS=$CFLAGS' -DUSE_GCRYPT'
     LDFLAGS=$LDFLAGS' -lgcrypt'
-    echo "using libgcrypt library"
+    echo "using gcrypt library"
+  ;;
+  nettle)
+    CFLAGS=$CFLAGS' -DUSE_NETTLE'
+    LDFLAGS=$LDFLAGS' -lnettle'
+    echo "using nettle library"
   ;;
   ssl)
     CFLAGS=$CFLAGS' -DUSE_SSL_CRYPTO'
diff --git a/src/init_crypt.h b/src/init_crypt.h
index 47688c7..9a8849e 100644
--- a/src/init_crypt.h
+++ b/src/init_crypt.h
@@ -48,7 +48,15 @@ int init_crypt()
 #else
 
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
+
+int init_crypt()
+{
+// nothing here
+  return 0;
+}
+
+#elif defined(USE_NETTLE)
 
 int init_crypt()
 {
diff --git a/src/key_derivation.c b/src/key_derivation.c
index 7bd4d6e..998c10b 100644
--- a/src/key_derivation.c
+++ b/src/key_derivation.c
@@ -37,8 +37,11 @@
 
 #include "key_derivation.h"
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
 #include <openssl/sha.h>
+#elif defined(USE_NETTLE)
+#include <nettle/sha1.h>
+#include <nettle/sha2.h>
 #endif
 
 #include "log.h"
@@ -135,8 +138,10 @@ int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphr
     return -1;
   }
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   if(key_length > (SHA256_DIGEST_LENGTH * 8)) {
+#elif defined(USE_NETTLE)
+  if(key_length > (SHA256_DIGEST_SIZE * 8)) {
 #else  // USE_GCRYPT is the default
   if(key_length > (gcry_md_get_algo_dlen(GCRY_MD_SHA256) * 8)) {
 #endif
@@ -145,8 +150,10 @@ int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphr
   }
 
   buffer_t digest;
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   digest.length_ = SHA256_DIGEST_LENGTH;
+#elif defined(USE_NETTLE)
+  digest.length_ = SHA256_DIGEST_SIZE;
 #else  // USE_GCRYPT is the default
   digest.length_ = gcry_md_get_algo_dlen(GCRY_MD_SHA256);
 #endif
@@ -155,8 +162,11 @@ int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphr
     return -2;
 
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   SHA256((const u_int8_t*)passphrase, strlen(passphrase), digest.buf_);
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   gcry_md_hash_buffer(GCRY_MD_SHA256, digest.buf_, passphrase, strlen(passphrase));
 #endif
@@ -191,8 +201,10 @@ int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passph
     return -1;
   }
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   if(salt_length > (SHA_DIGEST_LENGTH * 8)) {
+#elif defined(USE_NETTLE)
+  if(salt_length > (SHA1_DIGEST_SIZE * 8)) {
 #else  // USE_GCRYPT is the default
   if(salt_length > (gcry_md_get_algo_dlen(GCRY_MD_SHA1) * 8)) {
 #endif
@@ -201,8 +213,10 @@ int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passph
   }
 
   buffer_t digest;
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   digest.length_ = SHA_DIGEST_LENGTH;
+#elif defined(USE_NETTLE)
+  digest.length_ = SHA1_DIGEST_SIZE;
 #else  // USE_GCRYPT is the default
   digest.length_ = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
 #endif
@@ -210,8 +224,11 @@ int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passph
   if(!digest.buf_)
     return -2;
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   SHA1((const u_int8_t*)passphrase, strlen(passphrase), digest.buf_);
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   gcry_md_hash_buffer(GCRY_MD_SHA1, digest.buf_, passphrase, strlen(passphrase));
 #endif
@@ -345,12 +362,15 @@ int key_derivation_aesctr_init(key_derivation_t* kd, const char* passphrase)
   }
 #endif
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   int ret = AES_set_encrypt_key(kd->master_key_.buf_, kd->master_key_.length_*8, &params->aes_key_);
   if(ret) {
     log_printf(ERROR, "failed to set key derivation ssl aes-key (code: %d)", ret);
     return -1;
   }
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   int algo;
   switch(kd->key_length_) {
@@ -428,7 +448,7 @@ int key_derivation_aesctr_generate(key_derivation_t* kd, key_derivation_dir_t di
     return -1;
   }
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   if(KD_AESCTR_CTR_LENGTH != AES_BLOCK_SIZE) {
     log_printf(ERROR, "failed to set key derivation CTR: size don't fits");
     return -1;
@@ -437,6 +457,9 @@ int key_derivation_aesctr_generate(key_derivation_t* kd, key_derivation_dir_t di
   memset(params->ecount_buf_, 0, AES_BLOCK_SIZE);
   memset(key, 0, len);
   AES_ctr128_encrypt(key, key, len, &params->aes_key_, params->ctr_.buf_, params->ecount_buf_, &num);
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   gcry_error_t err = gcry_cipher_reset(params->handle_);
   if(err) {
diff --git a/src/key_derivation.h b/src/key_derivation.h
index 0d3c93f..01c9a26 100644
--- a/src/key_derivation.h
+++ b/src/key_derivation.h
@@ -36,8 +36,10 @@
 #ifndef UANYTUN_key_derivation_h_INCLUDED
 #define UANYTUN_key_derivation_h_INCLUDED
 
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
 #include <openssl/aes.h>
+#elif defined(USE_NETTLE)
+#include <nettle/aes.h>
 #else  // USE_GCRYPT is the default
 #include <gcrypt.h>
 #endif
@@ -103,9 +105,12 @@ union __attribute__((__packed__)) key_derivation_aesctr_ctr_union {
 typedef union key_derivation_aesctr_ctr_union key_derivation_aesctr_ctr_t;
 
 struct key_derivation_aesctr_param_struct {
-#ifdef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
   AES_KEY aes_key_;
   u_int8_t ecount_buf_[AES_BLOCK_SIZE];
+#elif defined(USE_NETTLE)
+      // TODO: nettle
+
 #else  // USE_GCRYPT is the default
   gcry_cipher_hd_t handle_;
 #endif
-- 
cgit v1.2.3


From 7e12caca626bdbee7a351ab1fb3244b8c99224f3 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@anytun.org>
Date: Sat, 21 Jun 2014 19:16:11 +0000
Subject: implemented auth tag with nettle (not tested yet)

---
 src/auth_algo.c | 26 ++++++++++++++------------
 src/auth_algo.h |  3 +--
 2 files changed, 15 insertions(+), 14 deletions(-)

(limited to 'src/auth_algo.h')

diff --git a/src/auth_algo.c b/src/auth_algo.c
index 87ea472..e1f5de5 100644
--- a/src/auth_algo.c
+++ b/src/auth_algo.c
@@ -152,15 +152,14 @@ int auth_algo_sha1_init(auth_algo_t* aa)
   if(!aa->params_)
     return -2;
 
-  auth_algo_sha1_param_t* params = aa->params_;
-
 #if defined(USE_SSL_CRYPTO)
+  auth_algo_sha1_param_t* params = aa->params_;
   HMAC_CTX_init(&params->ctx_);
   HMAC_Init_ex(&params->ctx_, NULL, 0, EVP_sha1(), NULL);
 #elif defined(USE_NETTLE)
-      // TODO: nettle
-
+  // nothing here
 #else  // USE_GCRYPT is the default
+  auth_algo_sha1_param_t* params = aa->params_;
   gcry_error_t err = gcry_md_open(&params->handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
   if(err) {
     log_printf(ERROR, "failed to open message digest algo: %s", gcry_strerror(err));
@@ -177,14 +176,13 @@ void auth_algo_sha1_close(auth_algo_t* aa)
     return;
 
   if(aa->params_) {
-    auth_algo_sha1_param_t* params = aa->params_;
-
 #if defined(USE_SSL_CRYPTO)
+    auth_algo_sha1_param_t* params = aa->params_;
     HMAC_CTX_cleanup(&params->ctx_);
 #elif defined(USE_NETTLE)
-      // TODO: nettle
-
+    // nothing here
 #else  // USE_GCRYPT is the default
+    auth_algo_sha1_param_t* params = aa->params_;
     if(params->handle_)
       gcry_md_close(params->handle_);
 #endif
@@ -220,9 +218,11 @@ void auth_algo_sha1_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivati
   HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
   HMAC_Final(&params->ctx_, hmac, NULL);
 #elif defined(USE_NETTLE)
-      // TODO: nettle
-  u_int8_t hmac[SHA1_LENGTH];
+  hmac_sha1_set_key(&params->ctx_, aa->key_.length_, aa->key_.buf_);
 
+  u_int8_t hmac[SHA1_LENGTH];
+  hmac_sha1_update(&params->ctx_, encrypted_packet_get_auth_portion_length(packet), encrypted_packet_get_auth_portion(packet));
+  hmac_sha1_digest(&params->ctx_, SHA1_LENGTH, hmac);
 #else  // USE_GCRYPT is the default
   gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_);
   if(err) {
@@ -272,9 +272,11 @@ int auth_algo_sha1_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivati
   HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
   HMAC_Final(&params->ctx_, hmac, NULL);
 #elif defined(USE_NETTLE)
-      // TODO: nettle
-  u_int8_t hmac[SHA1_LENGTH];
+  hmac_sha1_set_key(&params->ctx_, aa->key_.length_, aa->key_.buf_);
 
+  u_int8_t hmac[SHA1_LENGTH];
+  hmac_sha1_update(&params->ctx_, encrypted_packet_get_auth_portion_length(packet), encrypted_packet_get_auth_portion(packet));
+  hmac_sha1_digest(&params->ctx_, SHA1_LENGTH, hmac);
 #else  // USE_GCRYPT is the default
   gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_);
   if(err) {
diff --git a/src/auth_algo.h b/src/auth_algo.h
index e800c8e..b8a20b8 100644
--- a/src/auth_algo.h
+++ b/src/auth_algo.h
@@ -71,8 +71,7 @@ struct auth_algo_sha1_param_struct {
 #if defined(USE_SSL_CRYPTO)
   HMAC_CTX ctx_;
 #elif defined(USE_NETTLE)
-      // TOOD: nettle
-
+  struct hmac_sha1_ctx ctx_;
 #else  // USE_GCRYPT is the default
   gcry_md_hd_t handle_;
 #endif
-- 
cgit v1.2.3