4 files changed, 33 insertions, 2 deletions

diff --git a/base/util/src/com/netscape/cmsutil/util/Cert.java b/base/util/src/com/netscape/cmsutil/util/Cert.java
index 7dfc18a5d..0fe558993 100644
--- a/base/util/src/com/netscape/cmsutil/util/Cert.java
+++ b/base/util/src/com/netscape/cmsutil/util/Cert.java
@@ -41,6 +41,8 @@ public class Cert {
             return SignatureAlgorithm.DSASignatureWithSHA1Digest;
         else if (algname.equals("SHA256withRSA"))
             return SignatureAlgorithm.RSASignatureWithSHA256Digest;
+        else if (algname.equals("SHA384withRSA"))
+            return SignatureAlgorithm.RSASignatureWithSHA384Digest;
         else if (algname.equals("SHA512withRSA"))
             return SignatureAlgorithm.RSASignatureWithSHA512Digest;
         else if (algname.equals("SHA1withEC"))
diff --git a/base/util/src/netscape/security/pkcs/PKCS10.java b/base/util/src/netscape/security/pkcs/PKCS10.java
index 4dd9f0f52..0702e8238 100644
--- a/base/util/src/netscape/security/pkcs/PKCS10.java
+++ b/base/util/src/netscape/security/pkcs/PKCS10.java
@@ -181,6 +181,12 @@ public class PKCS10 {
                 idName = "SHA1/RSA";
             else if (idName.equals("SHA1withDSA"))
                 idName = "SHA1/DSA";
+            else if (idName.equals("SHA256withRSA"))
+                idName = "SHA256/RSA";
+            else if (idName.equals("SHA384withRSA"))
+                idName = "SHA384/RSA";
+            else if (idName.equals("SHA512withRSA"))
+                idName = "SHA512/RSA";
             else if (idName.equals("SHA1withEC"))
                 idName = "SHA1/EC";
             else if (idName.equals("SHA256withEC"))
diff --git a/base/util/src/netscape/security/x509/AlgorithmId.java b/base/util/src/netscape/security/x509/AlgorithmId.java
index fa69f77f1..08c9c4f46 100644
--- a/base/util/src/netscape/security/x509/AlgorithmId.java
+++ b/base/util/src/netscape/security/x509/AlgorithmId.java
@@ -329,6 +329,9 @@ public class AlgorithmId implements Serializable, DerEncoder {
         if (name.equals("SHA256withRSA") || name.equals("SHA256/RSA")
                 || name.equals("1.2.840.113549.1.1.11"))
             return AlgorithmId.sha256WithRSAEncryption_oid;
+        if (name.equals("SHA384withRSA") || name.equals("SHA384/RSA")
+                || name.equals("1.2.840.113549.1.1.12"))
+            return AlgorithmId.sha384WithRSAEncryption_oid;
         if (name.equals("SHA512withRSA") || name.equals("SHA512/RSA")
                 || name.equals("1.2.840.113549.1.1.13"))
             return AlgorithmId.sha512WithRSAEncryption_oid;
@@ -364,6 +367,8 @@ public class AlgorithmId implements Serializable, DerEncoder {
             return "SHA";
         if (algid.equals(AlgorithmId.SHA256_oid))
             return "SHA256";
+        if (algid.equals(AlgorithmId.SHA384_oid))
+            return "SHA384";
         if (algid.equals(AlgorithmId.SHA512_oid))
             return "SHA512";
 
@@ -399,6 +404,8 @@ public class AlgorithmId implements Serializable, DerEncoder {
             return "SHA1withRSA";
         if (algid.equals(AlgorithmId.sha256WithRSAEncryption_oid))
             return "SHA256withRSA";
+        if (algid.equals(AlgorithmId.sha384WithRSAEncryption_oid))
+            return "SHA384withRSA";
         if (algid.equals(AlgorithmId.sha512WithRSAEncryption_oid))
             return "SHA512withRSA";
         if (algid.equals(AlgorithmId.sha1WithDSA_oid)
@@ -530,6 +537,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
     // sha = { 1, 3, 14, 3, 2, 18 };
     private static final int SHA1_OIW_data[] = { 1, 3, 14, 3, 2, 26 };
     private static final int SHA256_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 };
+    private static final int SHA384_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 2 };
     private static final int SHA512_data[] = { 2, 16, 840, 1, 101, 3, 4, 2, 3 };
 
     /**
@@ -553,6 +561,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
     public static final ObjectIdentifier SHA_oid = new ObjectIdentifier(SHA1_OIW_data);
 
     public static final ObjectIdentifier SHA256_oid = new ObjectIdentifier(SHA256_data);
+    public static final ObjectIdentifier SHA384_oid = new ObjectIdentifier(SHA384_data);
 
     public static final ObjectIdentifier SHA512_oid = new ObjectIdentifier(SHA512_data);
 
@@ -651,6 +660,8 @@ public class AlgorithmId implements Serializable, DerEncoder {
                                    { 1, 2, 840, 113549, 1, 1, 5 };
     private static final int sha256WithRSAEncryption_data[] =
                                    { 1, 2, 840, 113549, 1, 1, 11 };
+    private static final int sha384WithRSAEncryption_data[] =
+                                   { 1, 2, 840, 113549, 1, 1, 12 };
     private static final int sha512WithRSAEncryption_data[] =
                                    { 1, 2, 840, 113549, 1, 1, 13 };
     private static final int sha1WithRSAEncryption_OIW_data[] =
@@ -704,6 +715,12 @@ public class AlgorithmId implements Serializable, DerEncoder {
             ObjectIdentifier(sha256WithRSAEncryption_data);
 
     /**
+     * The proper one for sha384/rsa
+     */
+    public static final ObjectIdentifier sha384WithRSAEncryption_oid = new
+            ObjectIdentifier(sha384WithRSAEncryption_data);
+
+    /**
      * The proper one for sha512/rsa
      */
     public static final ObjectIdentifier sha512WithRSAEncryption_oid = new
@@ -749,7 +766,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
      * Supported signing algorithms for a RSA key.
      */
     public static final String[] RSA_SIGNING_ALGORITHMS = new String[]
-    { "SHA1withRSA", "SHA256withRSA", "SHA512withRSA", "MD5withRSA", "MD2withRSA" };
+    { "SHA1withRSA", "SHA256withRSA", "SHA384withRSA", "SHA512withRSA", "MD5withRSA", "MD2withRSA" };
 
     public static final String[] EC_SIGNING_ALGORITHMS = new String[]
     { "SHA1withEC", "SHA256withEC", "SHA384withEC", "SHA512withEC" };
@@ -759,7 +776,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
      */
     public static final String[] ALL_SIGNING_ALGORITHMS = new String[]
     {
-            "SHA1withRSA", "MD5withRSA", "MD2withRSA", "SHA1withDSA", "SHA256withRSA", "SHA512withRSA", "SHA1withEC",
+            "SHA1withRSA", "MD5withRSA", "MD2withRSA", "SHA1withDSA", "SHA256withRSA", "SHA384withRSA", "SHA512withRSA", "SHA1withEC",
             "SHA256withEC", "SHA384withEC", "SHA512withEC" };
 
 }
diff --git a/base/util/src/netscape/security/x509/X509CRLImpl.java b/base/util/src/netscape/security/x509/X509CRLImpl.java
index c48f39050..e8e039034 100755
--- a/base/util/src/netscape/security/x509/X509CRLImpl.java
+++ b/base/util/src/netscape/security/x509/X509CRLImpl.java
@@ -415,6 +415,12 @@ public class X509CRLImpl extends X509CRL {
                 sigAlg = "SHA1/DSA";
             } else if (sigAlg.equals("SHA1withEC")) {
                 sigAlg = "SHA1/EC";
+            } else if (sigAlg.equals("SHA256withRSA")) {
+                sigAlg = "SHA256/RSA";
+            } else if (sigAlg.equals("SHA384withRSA")) {
+                sigAlg = "SHA384/RSA";
+            } else if (sigAlg.equals("SHA512withRSA")) {
+                sigAlg = "SHA512/RSA";
             } else if (sigAlg.equals("SHA256withEC")) {
                 sigAlg = "SHA256/EC";
             } else if (sigAlg.equals("SHA384withEC")) {