diff --git a/src/ssl.c b/src/ssl.c
index 145be730a..632ecaae2 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -41911,6 +41911,13 @@ void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *a)
 
 #if defined(OPENSSL_EXTRA)
 
+int wolfSSL_CRYPTO_memcmp(const void *a, const void *b, size_t size)
+{
+    if (!a || !b)
+        return 0;
+    return ConstantCompare((const byte*)a, (const byte*)b, (int)size);
+}
+
 int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s)
 {
     WOLFSSL_ENTER("wolfSSL_sk_X509_num");
diff --git a/tests/api.c b/tests/api.c
index f0bd523f3..f289dd513 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -28831,6 +28831,20 @@ static void test_no_op_functions(void)
     #endif
 }
 
+static void test_wolfSSL_CRYPTO_memcmp(void)
+{
+#ifdef OPENSSL_EXTRA
+    char a[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
+               "implementation of TLS/SSL for embedded devices to the cloud.";
+    char b[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
+               "implementation of TLS/SSL for embedded devices to the cloud.";
+    char c[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
+               "implementation of TLS/SSL for embedded devices to the cloud!";
+
+    AssertIntEQ(CRYPTO_memcmp(a, b, sizeof(a)), 0);
+    AssertIntNE(CRYPTO_memcmp(a, c, sizeof(a)), 0);
+#endif
+}
 
 /*----------------------------------------------------------------------------*
  | wolfCrypt ASN
@@ -32311,6 +32325,8 @@ void ApiTest(void)
 
     test_wolfSSL_EC_get_builtin_curves();
 
+    test_wolfSSL_CRYPTO_memcmp();
+
     /* test the no op functions for compatibility */
     test_no_op_functions();
 
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index 485e8bb1c..46f9be1b3 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -151,6 +151,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
 #define CRYPTO_cleanup_all_ex_data      wolfSSL_cleanup_all_ex_data
 #define set_ex_data                     wolfSSL_CRYPTO_set_ex_data
 #define get_ex_data                     wolfSSL_CRYPTO_get_ex_data
+#define CRYPTO_memcmp                   wolfSSL_CRYPTO_memcmp
 
 /* this function was used to set the default malloc, free, and realloc */
 #define CRYPTO_malloc_init() 0 /* CRYPTO_malloc_init is not needed */
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 39d7a9911..a70395318 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -3507,6 +3507,8 @@ WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const ch
 
 WOLFSSL_API void wolfSSL_CRYPTO_cleanup_all_ex_data(void);
 
+WOLFSSL_API int wolfSSL_CRYPTO_memcmp(const void *a, const void *b, size_t size);
+
 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_768_prime(WOLFSSL_BIGNUM* bn);
 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1024_prime(WOLFSSL_BIGNUM* bn);
 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn);