diff --git a/ChangeLog b/ChangeLog
index fd487df13767e13036a37356a905aaee995e49d3..74ab64a5270567a924544a974018c34c4f785fae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,15 @@
 2018-12-26  Niels Möller  <nisse@lysator.liu.se>
 
+	* pkcs1-internal.h: New header file, moved declarations of
+	_pkcs1_sec_decrypt and _pkcs1_sec_decrypt_variable here.
+	* rsa-internal.h: ... old location.
+	* Makefile.in (DISTFILES): Added pkcs1-internal.h.
+	* pkcs1-decrypt.c: Include new file.
+	* pkcs1-sec-decrypt.c: Likewise.
+	* rsa-decrypt-tr.c: Likewise.
+	* rsa-sec-decrypt.c: Likewise.
+	* testsuite/pkcs1-sec-decrypt-test.c: Likewise.
+
 	* tools/nettle-pbkdf2.c: Add #define _GNU_SOURCE, needed for
 	strdup with gcc -std=c89.
 	* testsuite/ed25519-test.c: Add #define _GNU_SOURCE, needed for
diff --git a/Makefile.in b/Makefile.in
index c7db0aed587be4e4be2f8db95068155877174ea6..35df8a141f5771040592ba98ec6ab98807afd56b 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -234,7 +234,7 @@ DISTFILES = $(SOURCES) $(HEADERS) getopt.h getopt_int.h \
 	memxor-internal.h nettle-internal.h nettle-write.h \
 	ctr-internal.h chacha-internal.h sha3-internal.h \
 	salsa20-internal.h umac-internal.h hogweed-internal.h \
-	rsa-internal.h dsa-internal.h eddsa-internal.h \
+	rsa-internal.h pkcs1-internal.h dsa-internal.h eddsa-internal.h \
 	gmp-glue.h ecc-internal.h fat-setup.h \
 	mini-gmp.h asm.m4 \
 	nettle.texinfo nettle.info nettle.html nettle.pdf sha-example.c
diff --git a/pkcs1-decrypt.c b/pkcs1-decrypt.c
index 1a02c7062159e1fb2c8d732cfc1dd7bc6b9886c1..40f6c3ddb871458c54cc6eb273645f6e88d72dfe 100644
--- a/pkcs1-decrypt.c
+++ b/pkcs1-decrypt.c
@@ -38,10 +38,10 @@
 #include <string.h>
 
 #include "pkcs1.h"
+#include "pkcs1-internal.h"
 
 #include "bignum.h"
 #include "gmp-glue.h"
-#include "rsa-internal.h"
 
 int
 pkcs1_decrypt (size_t key_size,
diff --git a/pkcs1-internal.h b/pkcs1-internal.h
new file mode 100644
index 0000000000000000000000000000000000000000..507cdfbb87fe4d48c5200fd5e84a8f774ec1aa02
--- /dev/null
+++ b/pkcs1-internal.h
@@ -0,0 +1,53 @@
+/* pkcs1-internal.h
+
+   Copyright (C) 2018 Niels Möller
+   Copyright (C) 2018 Red Hat, Inc.
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_PKCS1_INTERNAL_H_INCLUDED
+#define NETTLE_PKCS1_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _pkcs1_sec_decrypt _nettle_pkcs1_sec_decrypt
+#define _pkcs1_sec_decrypt_variable _nettle_pkcs1_sec_decrypt_variable
+
+/* additional resistance to memory access side-channel attacks.
+ * Note: message buffer is returned unchanged on error */
+int
+_pkcs1_sec_decrypt (size_t length, uint8_t *message,
+                    size_t padded_message_length,
+                    const volatile uint8_t *padded_message);
+
+int
+_pkcs1_sec_decrypt_variable(size_t *length, uint8_t *message,
+                            size_t padded_message_length,
+                            const volatile uint8_t *padded_message);
+
+#endif /* NETTLE_PKCS1_INTERNAL_H_INCLUDED */
diff --git a/pkcs1-sec-decrypt.c b/pkcs1-sec-decrypt.c
index 722044b00c7fa991a6fdd2fcf8845f8f8738caee..4f13080e3e90385c43d72bad627c0b052d3e60cd 100644
--- a/pkcs1-sec-decrypt.c
+++ b/pkcs1-sec-decrypt.c
@@ -43,8 +43,7 @@
 #include "memops.h"
 
 #include "gmp-glue.h"
-#include "rsa.h"
-#include "rsa-internal.h"
+#include "pkcs1-internal.h"
 
 /* Inputs are always cast to uint32_t values. But all values used in this
  * function should never exceed the maximum value of a uint32_t anyway.
diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c
index 1e6ad934e51e9480f35d10bdd8852aaf499db273..0224c0b76313fe9d4c712ff0a5358c2e36c1593a 100644
--- a/rsa-decrypt-tr.c
+++ b/rsa-decrypt-tr.c
@@ -37,6 +37,7 @@
 #endif
 
 #include "rsa-internal.h"
+#include "pkcs1-internal.h"
 #include "gmp-glue.h"
 
 int
diff --git a/rsa-internal.h b/rsa-internal.h
index 264c0a6ab2852bcda040a29297709ab1c454ef5d..b828e4516be55820f8c5b8ba178e13ec28e59f47 100644
--- a/rsa-internal.h
+++ b/rsa-internal.h
@@ -44,8 +44,6 @@
 #define _rsa_sec_compute_root_itch _nettle_rsa_sec_compute_root_itch
 #define _rsa_sec_compute_root _nettle_rsa_sec_compute_root
 #define _rsa_sec_compute_root_tr _nettle_rsa_sec_compute_root_tr
-#define _pkcs1_sec_decrypt _nettle_pkcs1_sec_decrypt
-#define _pkcs1_sec_decrypt_variable _nettle_pkcs1_sec_decrypt_variable
 
 /* Internal functions. */
 int
@@ -87,16 +85,4 @@ _rsa_sec_compute_root_tr(const struct rsa_public_key *pub,
 			 void *random_ctx, nettle_random_func *random,
 			 mp_limb_t *x, const mp_limb_t *m, size_t mn);
 
-/* additional resistance to memory access side-channel attacks.
- * Note: message buffer is returned unchanged on error */
-int
-_pkcs1_sec_decrypt (size_t length, uint8_t *message,
-                    size_t padded_message_length,
-                    const volatile uint8_t *padded_message);
-
-int
-_pkcs1_sec_decrypt_variable(size_t *length, uint8_t *message,
-                            size_t padded_message_length,
-                            const volatile uint8_t *padded_message);
-
 #endif /* NETTLE_RSA_INTERNAL_H_INCLUDED */
diff --git a/rsa-sec-decrypt.c b/rsa-sec-decrypt.c
index e6a4b26712fbd88746c649b567c47d3b9bedd949..6866e7c8722b6294d9caa8bb17432ea73c3748b1 100644
--- a/rsa-sec-decrypt.c
+++ b/rsa-sec-decrypt.c
@@ -39,6 +39,7 @@
 #endif
 
 #include "rsa.h"
+#include "pkcs1-internal.h"
 #include "rsa-internal.h"
 
 #include "gmp-glue.h"
diff --git a/testsuite/pkcs1-sec-decrypt-test.c b/testsuite/pkcs1-sec-decrypt-test.c
index 9c7b06d5261b625b5a61fe794bbcaad8f46c23ce..c7fcdcb602c3fc5e0dc927b26f97f47fcf6624b8 100644
--- a/testsuite/pkcs1-sec-decrypt-test.c
+++ b/testsuite/pkcs1-sec-decrypt-test.c
@@ -1,7 +1,6 @@
 #include "testutils.h"
 
-#include "rsa.h"
-#include "rsa-internal.h"
+#include "pkcs1-internal.h"
 
 #if HAVE_VALGRIND_MEMCHECK_H
 # include <valgrind/memcheck.h>