diff --git a/lib/TLS/include/Method.h b/lib/TLS/include/Method.h
index dde4ad2..be15a83 100644
--- a/lib/TLS/include/Method.h
+++ b/lib/TLS/include/Method.h
@@ -565,27 +565,36 @@ namespace eap
             _In_                              size_t size);
 
         ///
-        /// HMAC symmetric key generation
+        /// Creates HMAC key
         ///
-        /// \param[in]  alg          Hashing algorithm to use (CALG_MD5 or CALG_SHA1)
-        /// \param[in]  secret       Hashing secret key
+        /// \param[in]  secret       Hashing secret
         /// \param[in]  size_secret  \p secret size
         ///
         /// \returns Key
         ///
-        inline HCRYPTKEY derive_hmac_key(
-            _In_                              ALG_ID alg,
+        inline HCRYPTKEY create_hmac_key(
             _In_bytecount_(size_secret) const void   *secret,
             _In_                              size_t size_secret)
         {
-            winstd::crypt_hash hash;
-            if (!hash.create(m_cp, alg, 0, 0))
-                throw winstd::win_runtime_error(__FUNCTION__ " Error creating key hash.");
-            if (!CryptHashData(hash, (const BYTE*)secret, (DWORD)size_secret, 0))
-                throw winstd::win_runtime_error(__FUNCTION__ " Error hashing secret.");
+            // Prepare exported key BLOB.
+            static const PUBLICKEYSTRUC s_key_data_struct = {
+                PLAINTEXTKEYBLOB,
+                CUR_BLOB_VERSION,
+                0,
+                CALG_RC4,
+            };
+            std::vector<unsigned char> key_blob;
+            key_blob.reserve(sizeof(PUBLICKEYSTRUC) + sizeof(DWORD) + size_secret);
+            key_blob.assign((const unsigned char*)&s_key_data_struct, (const unsigned char*)(&s_key_data_struct + 1));
+            assert(size_secret <= 0xffffffff);
+            DWORD _size_secret = (DWORD)size_secret;
+            key_blob.insert(key_blob.end(), (const unsigned char*)&_size_secret, (const unsigned char*)(&_size_secret + 1));
+            key_blob.insert(key_blob.end(), (const unsigned char*)secret, (const unsigned char*)secret + _size_secret);
+
+            // Import the key.
             winstd::crypt_key key;
-            if (!key.derive(m_cp, CALG_RC4, hash, 0))
-                throw winstd::win_runtime_error(__FUNCTION__ " Error deriving key.");
+            if (!key.import(m_cp, key_blob.data(), (DWORD)key_blob.size(), NULL, 0))
+                throw winstd::win_runtime_error(__FUNCTION__ " Error importing key.");
             return key.detach();
         }
 
diff --git a/lib/TLS/src/Method.cpp b/lib/TLS/src/Method.cpp
index 6bd617c..11efc67 100644
--- a/lib/TLS/src/Method.cpp
+++ b/lib/TLS/src/Method.cpp
@@ -809,7 +809,7 @@ void eap::method_tls::derive_keys()
     vector<unsigned char> key;
     key.assign((const unsigned char*)&s_key_struct, (const unsigned char*)(&s_key_struct + 1));
     key.insert(key.end(), data, data + 20);
-    if (!m_key_hmac.import(m_cp, key.data(), key.size(), NULL, 0))
+    if (!m_key_hmac.import(m_cp, key.data(), (DWORD)key.size(), NULL, 0))
         throw win_runtime_error(__FUNCTION__ " Error importing client_write_MAC_secret key.");
 
 
@@ -1187,8 +1187,8 @@ vector<unsigned char> eap::method_tls::p_hash(
     _In_                              size_t size_seed,
     _In_                              size_t size)
 {
-    // HMAC symmetric key generation.
-    crypt_key key_hmac(derive_hmac_key(alg, secret, size_secret));
+    // HMAC symmetric key creation.
+    crypt_key key_hmac(create_hmac_key(secret, size_secret));
     vector<unsigned char> block;
     const HMAC_INFO hmac_info = { alg };