diff --git a/ChangeLog b/ChangeLog
index 25a017a765859e066fb8322d40ff7d0e380bb894..810c2631a1f9f170eb08874725b8dc0c08782053 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,23 @@
 2014-01-16  Niels Möller  <nisse@lysator.liu.se>
 
+	* poly1305-aes.c: Include poly1305.c. Rewrite functions without
+	using the POLY1305_* macros.
+
+	* Makefile.in (HEADERS): Deleted poly1305-aes.h.
+
+	* poly1305.h (POLY1305_CTX, POLY1305_SET_KEY, POLY1305_SET_NONCE)
+	(POLY1305_DIGEST): Deleted macros. Only implemented variant is
+	poly1305-aes.
+	(POLY1305_DIGEST_SIZE, POLY1305_BLOCK_SIZE, POLY1305_KEY_SIZE):
+	New constants.
+	(POLY1305_AES_KEY_SIZE, POLY1305_AES_DIGEST_SIZE): Moved here,
+	from poly1305-aes.h.
+	(struct poly1305_aes_ctx): Likewise.
+	(poly1305_aes_set_key, poly1305_aes_set_nonce)
+	(poly1305_aes_update, poly1305_aes_digest): Likewise.
+	* poly1305-aes.h: Deleted file, declarations moved to poly1305.h.
+	Update all users.
+
 	* poly1305-internal.c (s2, s3, s4): Fixed macros.
 
 	* poly1305-aes.h (struct poly1305_aes_ctx): Replace struct aes_ctx
diff --git a/Makefile.in b/Makefile.in
index afce45cbedbc031749c7223f2f272513ea06298c..d6cd848c107114e294368c876931a39e75cd5026 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -163,7 +163,7 @@ HEADERS = aes.h arcfour.h arctwo.h asn1.h bignum.h blowfish.h \
 	  pgp.h pkcs1.h realloc.h ripemd160.h rsa.h rsa-compat.h \
 	  salsa20.h sexp.h \
 	  serpent.h sha.h sha1.h sha2.h sha3.h twofish.h \
-	  umac.h yarrow.h poly1305-aes.h poly1305.h
+	  umac.h yarrow.h poly1305.h
 
 INSTALL_HEADERS = $(HEADERS) nettle-stdint.h
 
diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c
index 0cb24e61fa27f6accca781571965746d44f3e7aa..c139e1a8930b61263c56f60d47ec9288ccafe38a 100644
--- a/examples/nettle-benchmark.c
+++ b/examples/nettle-benchmark.c
@@ -56,7 +56,7 @@
 #include "sha3.h"
 #include "twofish.h"
 #include "umac.h"
-#include "poly1305-aes.h"
+#include "poly1305.h"
 
 #include "nettle-meta.h"
 #include "nettle-internal.h"
diff --git a/poly1305-aes.c b/poly1305-aes.c
index ba0dd0ddec60f6faf3dc120c54ee0b8bb17b0779..847bf34d199af7d6664d6b31371ccf0cab66d354 100644
--- a/poly1305-aes.c
+++ b/poly1305-aes.c
@@ -1,6 +1,7 @@
 /* nettle, low-level cryptographics library
  *
  * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ * Copyright (C) 2014 Niels Möller
  *
  * The nettle library is free software; you can redistribute it and/or modify
  * it under the terms of the GNU Lesser General Public License as published by
@@ -23,26 +24,32 @@
 #endif
 
 #include <string.h>
+
+#include "poly1305.h"
 #include "macros.h"
-#include "nettle-types.h"
-#include "poly1305-aes.h"
 
 void
 poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t * key)
 {
-  POLY1305_SET_KEY(ctx, aes128_set_encrypt_key, key);
+  aes128_set_encrypt_key(&ctx->aes, (key));
+  poly1305_set_key(&ctx->pctx, (key+16));
+  ctx->pctx.index = 0;
 }
 
 void
 poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
 			const uint8_t * nonce)
 {
-  POLY1305_SET_NONCE(ctx, nonce);
+  poly1305_set_nonce(&ctx->pctx, nonce);
 }
 
 void
 poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
 		     size_t length, uint8_t * digest)
 {
-  POLY1305_DIGEST(ctx, aes128_encrypt, length, digest);
+  uint8_t s[POLY1305_BLOCK_SIZE];
+  aes128_encrypt(&ctx->aes, POLY1305_BLOCK_SIZE, s, ctx->pctx.nonce);
+  poly1305_digest (&ctx->pctx, length, digest, s);
+  INCREMENT (16, (ctx)->pctx.nonce);
+  (ctx)->pctx.index = 0;
 }
diff --git a/poly1305-aes.h b/poly1305-aes.h
deleted file mode 100644
index ae22d39c4af0ed6e119abd6270b7dadf234b1afc..0000000000000000000000000000000000000000
--- a/poly1305-aes.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/* poly1305-aes.h
- *
- * Poly1305 message authentication code.
- */
-
-/* nettle, low-level cryptographics library
- *
- * Copyright (C) 2013 Nikos Mavrogiannopoulos
- *
- * The nettle library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The nettle library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the nettle library; see the file COPYING.LIB.  If not, write to
- * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
- * MA 02111-1301, USA.
- */
-
-#ifndef NETTLE_POLY1305_AES_H_INCLUDED
-#define NETTLE_POLY1305_AES_H_INCLUDED
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "nettle-types.h"
-#include "poly1305.h"
-#include "aes.h"
-
-#define POLY1305_AES_KEY_SIZE 32
-#define POLY1305_AES_DIGEST_SIZE 16
-
-#define poly1305_aes_set_key nettle_poly1305_aes_set_key
-#define poly1305_aes_set_nonce nettle_poly1305_aes_set_nonce
-#define poly1305_aes_digest nettle_poly1305_aes_digest
-
-struct poly1305_aes_ctx POLY1305_CTX(struct aes128_ctx);
-
-/* The _set_key function initialize the nonce to zero. */
-void
-poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t *key);
-
-/* Optional, if not used, messages get incrementing nonces starting from zero. */
-void
-poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
-		        const uint8_t *nonce);
-
-#define poly1305_aes_update \
-  (*(void(*)(struct poly1305_aes_ctx *, size_t, const uint8_t *))&poly1305_update)
-
-/* The _digest functions increment the nonce */
-void
-poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
-	       	     size_t length, uint8_t *digest);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* NETTLE_POLY1305_AES_H_INCLUDED */
diff --git a/poly1305.h b/poly1305.h
index 16fdfc03311daea97893bfeceb7a82c7bbf24585..12c7bdabcf5d6a80b9f8a626e5b72a07adb22d68 100644
--- a/poly1305.h
+++ b/poly1305.h
@@ -27,7 +27,7 @@
 #ifndef NETTLE_POLY1305_H_INCLUDED
 #define NETTLE_POLY1305_H_INCLUDED
 
-#include "nettle-types.h"
+#include "aes.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -40,8 +40,16 @@ extern "C" {
 #define poly1305_block nettle_poly1305_block
 #define poly1305_digest nettle_poly1305_digest
 
+#define poly1305_aes_set_key nettle_poly1305_aes_set_key
+#define poly1305_aes_set_nonce nettle_poly1305_aes_set_nonce
+#define poly1305_aes_digest nettle_poly1305_aes_digest
+
 /* Low level functions/macros for the poly1305 construction. */
 
+#define POLY1305_DIGEST_SIZE 16
+#define POLY1305_BLOCK_SIZE 16
+#define POLY1305_KEY_SIZE 16
+
 struct poly1305_ctx {
   /* Key, 128-bit value and some cached multiples. */
   union
@@ -60,41 +68,47 @@ struct poly1305_ctx {
     uint64_t h64[2];
   } h;
 
-  uint8_t nonce[16];
-  uint8_t block[16];
+  uint8_t nonce[POLY1305_BLOCK_SIZE];
+  uint8_t block[POLY1305_BLOCK_SIZE];
   unsigned index;
 };
 
-void poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[16]);
+void poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[POLY1305_KEY_SIZE]);
 void poly1305_set_nonce (struct poly1305_ctx *ctx, const uint8_t * nonce);
-void poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[16]);
+void poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[POLY1305_BLOCK_SIZE]);
 void poly1305_update (struct poly1305_ctx *ctx, size_t size, const uint8_t *data);
 void poly1305_digest (struct poly1305_ctx *ctx,
 		      size_t length, uint8_t *digest, const uint8_t *s);
 
-/* All-in-one context, with cipher, and state. Cipher must have a 128-bit block */
-#define POLY1305_CTX(type) \
-{ struct poly1305_ctx pctx; type cipher; }
-
-#define POLY1305_SET_KEY(ctx, set_key, key)	\
-  do {						\
-    poly1305_set_key(&(ctx)->pctx, (key+16));	\
-    (set_key)(&(ctx)->cipher, (key));		\
-    (ctx)->pctx.index = 0;			\
-  } while (0)
-
-#define POLY1305_SET_NONCE(ctx, data)		\
-  poly1305_set_nonce(&(ctx)->pctx, (data))
-
-#define POLY1305_DIGEST(ctx, encrypt, length, digest)		\
-  do { 								\
-    uint8_t _ts[16]; 						\
-    (encrypt)(&(ctx)->cipher, 16, _ts, (ctx)->pctx.nonce);	\
-    poly1305_digest (&(ctx)->pctx, (length), (digest), _ts); 	\
-    INCREMENT (16, (ctx)->pctx.nonce); 				\
-    (ctx)->pctx.index = 0; 					\
-  } while(0);
+/* poly1305-aes */
+
+#define POLY1305_AES_KEY_SIZE 32
+#define POLY1305_AES_DIGEST_SIZE 16
+
+struct poly1305_aes_ctx
+{
+  /* Must be first element, for the poly1305_aes_update cast to work. */
+  struct poly1305_ctx pctx;
+  struct aes128_ctx aes;
+};
+
+/* Also initialize the nonce to zero. */
+void
+poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t *key);
+
+/* Optional, if not used, messages get incrementing nonces starting from zero. */
+void
+poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
+		        const uint8_t *nonce);
+
+/* An alias, nothing aes-specific. */
+#define poly1305_aes_update \
+  (*(void(*)(struct poly1305_aes_ctx *, size_t, const uint8_t *))&poly1305_update)
 
+/* Also increments the nonce */
+void
+poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
+	       	     size_t length, uint8_t *digest);
 
 #ifdef __cplusplus
 }
diff --git a/testsuite/poly1305-test.c b/testsuite/poly1305-test.c
index a87ef6aecf1f83f0c3f4661fe21b043d9b0cfbf1..ee70b3c51b84667cec3baa9bcfd4b8ff33ae228f 100644
--- a/testsuite/poly1305-test.c
+++ b/testsuite/poly1305-test.c
@@ -1,5 +1,5 @@
 #include "testutils.h"
-#include "poly1305-aes.h"
+#include "poly1305.h"
 
 static void
 update (void *ctx, nettle_hash_update_func *f,