6 files changed, 9 insertions, 52 deletions

diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index e07193531a..beac10e9eb 100644
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -407,36 +407,6 @@ int ossl_set_tls_provider_parameters(OSSL_RECORD_LAYER *rl,
                                      const EVP_CIPHER *ciph,
                                      const EVP_MD *md);
 
-/* tls_pad.c */
-int ssl3_cbc_remove_padding_and_mac(size_t *reclen,
-                                    size_t origreclen,
-                                    unsigned char *recdata,
-                                    unsigned char **mac,
-                                    int *alloced,
-                                    size_t block_size, size_t mac_size,
-                                    OSSL_LIB_CTX *libctx);
-
-int tls1_cbc_remove_padding_and_mac(size_t *reclen,
-                                    size_t origreclen,
-                                    unsigned char *recdata,
-                                    unsigned char **mac,
-                                    int *alloced,
-                                    size_t block_size, size_t mac_size,
-                                    int aead,
-                                    OSSL_LIB_CTX *libctx);
-
-/* ssl3_cbc.c */
-__owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
-__owur int ssl3_cbc_digest_record(const EVP_MD *md,
-                                  unsigned char *md_out,
-                                  size_t *md_out_size,
-                                  const unsigned char *header,
-                                  const unsigned char *data,
-                                  size_t data_size,
-                                  size_t data_plus_mac_plus_padding_size,
-                                  const unsigned char *mac_secret,
-                                  size_t mac_secret_length, char is_sslv3);
-
 int tls_increment_sequence_ctr(OSSL_RECORD_LAYER *rl);
 int tls_alloc_buffers(OSSL_RECORD_LAYER *rl);
 int tls_free_buffers(OSSL_RECORD_LAYER *rl);
diff --git a/ssl/record/methods/ssl3_cbc.c b/ssl/record/methods/ssl3_cbc.c
index 25f3d9e1c6..b42f5a39ff 100644
--- a/ssl/record/methods/ssl3_cbc.c
+++ b/ssl/record/methods/ssl3_cbc.c
@@ -22,17 +22,16 @@
  */
 #include "internal/deprecated.h"
 
-#include "recmethod_local.h"
-
-#include "internal/constant_time.h"
-#include "internal/cryptlib.h"
-
 #include <openssl/evp.h>
 #ifndef FIPS_MODULE
 # include <openssl/md5.h>
 #endif
 #include <openssl/sha.h>
 
+#include "internal/ssl3_cbc.h"
+#include "internal/constant_time.h"
+#include "internal/cryptlib.h"
+
 /*
  * MAX_HASH_BIT_COUNT_BYTES is the maximum number of bytes in the hash's
  * length field. (SHA-384/512 have 128-bit length.)
diff --git a/ssl/record/methods/ssl3_meth.c b/ssl/record/methods/ssl3_meth.c
index 279a3d11e8..a38fccae7b 100644
--- a/ssl/record/methods/ssl3_meth.c
+++ b/ssl/record/methods/ssl3_meth.c
@@ -9,6 +9,7 @@
 
 #include <openssl/evp.h>
 #include <openssl/core_names.h>
+#include "internal/ssl3_cbc.h"
 #include "../../ssl_local.h"
 #include "../record_local.h"
 #include "recmethod_local.h"
diff --git a/ssl/record/methods/tls1_meth.c b/ssl/record/methods/tls1_meth.c
index be26e5dec0..139da76fc6 100644
--- a/ssl/record/methods/tls1_meth.c
+++ b/ssl/record/methods/tls1_meth.c
@@ -11,6 +11,7 @@
 #include <openssl/core_names.h>
 #include <openssl/rand.h>
 #include <openssl/ssl.h>
+#include "internal/ssl3_cbc.h"
 #include "../../ssl_local.h"
 #include "../record_local.h"
 #include "recmethod_local.h"
diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
index b1f6a6433b..69745f902b 100644
--- a/ssl/record/methods/tls_common.c
+++ b/ssl/record/methods/tls_common.c
@@ -16,6 +16,7 @@
 #include <openssl/ssl.h>
 #include "internal/e_os.h"
 #include "internal/packet.h"
+#include "internal/ssl3_cbc.h"
 #include "../../ssl_local.h"
 #include "../record_local.h"
 #include "recmethod_local.h"
diff --git a/ssl/record/methods/tls_pad.c b/ssl/record/methods/tls_pad.c
index 7311c8266a..d326a7608a 100644
--- a/ssl/record/methods/tls_pad.c
+++ b/ssl/record/methods/tls_pad.c
@@ -9,8 +9,10 @@
 
 #include <openssl/rand.h>
 #include <openssl/evp.h>
+
 #include "internal/constant_time.h"
 #include "internal/cryptlib.h"
+#include "internal/ssl3_cbc.h"
 
 /*
  * This file has no dependencies on the rest of libssl because it is shared
@@ -31,23 +33,6 @@ static int ssl3_cbc_copy_mac(size_t *reclen,
                              size_t good,
                              OSSL_LIB_CTX *libctx);
 
-int ssl3_cbc_remove_padding_and_mac(size_t *reclen,
-                                    size_t origreclen,
-                                    unsigned char *recdata,
-                                    unsigned char **mac,
-                                    int *alloced,
-                                    size_t block_size, size_t mac_size,
-                                    OSSL_LIB_CTX *libctx);
-
-int tls1_cbc_remove_padding_and_mac(size_t *reclen,
-                                    size_t origreclen,
-                                    unsigned char *recdata,
-                                    unsigned char **mac,
-                                    int *alloced,
-                                    size_t block_size, size_t mac_size,
-                                    int aead,
-                                    OSSL_LIB_CTX *libctx);
-
 /*-
  * ssl3_cbc_remove_padding removes padding from the decrypted, SSLv3, CBC
  * record in |recdata| by updating |reclen| in constant time. It also extracts