diff --git a/pkg/cosign/tlog.go b/pkg/cosign/tlog.go
index d3a77d51282e..fd4458370824 100644
--- a/pkg/cosign/tlog.go
+++ b/pkg/cosign/tlog.go
@@ -271,6 +271,8 @@ func rekorEntryHashAlgorithm(checksum crypto.SignerOpts) string {
 switch checksum.HashFunc() {
 case crypto.SHA256:
 return models.HashedrekordV001SchemaDataHashAlgorithmSha256
+ case crypto.SHA384:
+ return models.HashedrekordV001SchemaDataHashAlgorithmSha384
 case crypto.SHA512:
 return models.HashedrekordV001SchemaDataHashAlgorithmSha512
 default:
diff --git a/pkg/cosign/verify.go b/pkg/cosign/verify.go
index 746e86eacc6a..b7d15e2c2fa2 100644
--- a/pkg/cosign/verify.go
+++ b/pkg/cosign/verify.go
@@ -1137,6 +1137,9 @@ func VerifyBundle(sig oci.Signature, co *CheckOpts) (bool, error) {
 case crypto.SHA256:
 h := sha256.Sum256(payload)
 payloadHash = hex.EncodeToString(h[:])
+ case crypto.SHA384:
+ h := sha512.Sum384(payload)
+ payloadHash = hex.EncodeToString(h[:])
 case crypto.SHA512:
 h := sha512.Sum512(payload)
 payloadHash = hex.EncodeToString(h[:])
@@ -1267,8 +1270,8 @@ func extractEntryImpl(bundleBody string) (rekor_types.EntryImpl, error) {

 func HashAlgorithmToCryptoHash(hashAlgorithm string) crypto.Hash {
 switch hashAlgorithm {
- case "sha256":
- return crypto.SHA256
+ case "sha384":
+ return crypto.SHA384
 case "sha512":
 return crypto.SHA512
 default:
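Review bot: The `default:` arm of rekorEntryHashAlgorithm closes this hunk with its body out of view, and the function returns a bare string, so it is not visible here whether a hash outside SHA-256/384/512 is rejected or quietly given a fallback label. The same hand-written list is repeated in VerifyBundle and HashAlgorithmToCryptoHash in verify.go, and for a transparency-log entry the recorded algorithm name has to match the digest that was actually computed, so the three lists must not drift apart. I would add a comment above the switch such as `// Supported digests must match VerifyBundle and HashAlgorithmToCryptoHash in verify.go.` and confirm that the default arms do not map an unsupported hash to a supported name.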
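Review bot: In HashAlgorithmToCryptoHash the `case "sha256":` arm is replaced by the new `"sha384"` arm instead of being kept beside it, so a "sha256" string now resolves only through `default:`, whose body lies outside this hunk. If that default is not crypto.SHA256, or is later changed, entries that declare sha256 would be mapped to a different hash than the one they name, and the function has no error return to signal it. The other two hunks add SHA-384 without dropping SHA-256, so this looks unintended. I would restore `case "sha256":` / `return crypto.SHA256` ahead of the added lines and keep the explicit mapping independent of the fallback.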