Force Thunderbird/Enigmail to use a specific signing (hash) algorithm

Computer security

If you’ve had issues trying to get Thunderbird to send your PGP signed e-mail using anything other than SHA-1 there is a quick and easy fix that will let you pick whichever hash you prefer.

  1. Open up Thunderbird’s preferences

  2. On the Advanced Tab, under General click Config Editor

  3. In the about:config window search for “extensions.enigmail.mimeHashAlgorithm” without quotes. Double click on this and enter a value. The value will determine which hash algorithm is used for signing.

The values are as follows:

0: Automatic selection, let GnuPG choose (note that while this may be the default it may also be the one that doesn’t work depending on your configuration).

1: SHA-1

2: RIPEMD-160

3: SHA-256

4: SHA-384

5: SHA-512

6: SHA-224