diff --git a/include/grub/crypto.h b/include/grub/crypto.h
index df15f9bb9..4d8ce88b8 100644
--- a/include/grub/crypto.h
+++ b/include/grub/crypto.h
@@ -242,8 +242,11 @@ grub_crypto_hmac_buffer (const struct gcry_md_spec *md,
 			 void *data, grub_size_t datalen, void *out);
 
 extern gcry_md_spec_t _gcry_digest_spec_md5;
+extern gcry_md_spec_t _gcry_digest_spec_sha1;
+extern gcry_md_spec_t _gcry_digest_spec_sha256;
 #define GRUB_MD_MD5 ((const gcry_md_spec_t *) &_gcry_digest_spec_md5)
 #define GRUB_MD_SHA1 ((const gcry_md_spec_t *) &_gcry_digest_spec_sha1)
+#define GRUB_MD_SHA256 ((const gcry_md_spec_t *) &_gcry_digest_spec_sha256)
 
 /* Implement PKCS#5 PBKDF2 as per RFC 2898.  The PRF to use is HMAC variant
    of digest supplied by MD.  Inputs are the password P of length PLEN,
@@ -258,4 +261,7 @@ grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
 		    unsigned int c,
 		    grub_uint8_t *DK, grub_size_t dkLen);
 
+int
+grub_crypto_memcmp (void *a, void *b, grub_size_t n);
+
 #endif
diff --git a/lib/crypto.c b/lib/crypto.c
index 3cb66f942..4b36dde6f 100644
--- a/lib/crypto.c
+++ b/lib/crypto.c
@@ -370,3 +370,18 @@ grub_crypto_gcry_error (gcry_err_code_t in)
     return GRUB_ERR_NONE;
   return GRUB_ACCESS_DENIED;
 }
+
+int
+grub_crypto_memcmp (void *a, void *b, grub_size_t n)
+{
+  register grub_size_t counter = 0;
+  grub_uint8_t *pa, *pb;
+
+  for (pa = a, pb = b; n; pa++, pb++, n--)
+    {
+      if (*pa != *pb)
+	counter++;
+    }
+
+  return !!counter;
+}