Ask / Submit
5

Whisperfish device verification code

asked 2018-03-08 11:17:41 +0300

objectifnul gravatar image

updated 2018-03-08 11:22:17 +0300

Hi, did anyone recently succeed in registering a new SFOS (Lapuanjoki) device with Signal using Whisperfish?

It used to work fine for me; however, I could no longer get a new device verification code for my Xperia X. According to aebruno, my logs seem to indicate that whisperfish does work, so I have to suspect an other issue, maybe a mobile operator problem, maybe some new kind of blocking third party apps on Signal side, maybe a compatibility issue with Lapuanjoki or XperiaX.

edit retag flag offensive close delete

Comments

Last thing I heard is that the telephonenumber changed for signal verification. So that might explain it not working for you.

leszek ( 2018-03-08 12:14:42 +0300 )edit

I don't know in detail how it works. AFAIK the verification request is not supposed to be submitted to a phone number, but sent to Signal servers directly. Then a Signal voice robot calls you to tell the 6-digit code. However, this robot never calls me. I'd like someone else to check (same SFOS release, same device)

objectifnul ( 2018-03-08 12:22:35 +0300 )edit

Hi, I'm considering installing Whisperfish instead of the android application. Do you know whether it's possible to disable the address book upload before any further setup steps? This issue decides whether I'll use the native app and test your problem or go for the android one...

takimata ( 2018-03-09 22:15:15 +0300 )edit

I just set it up on a fresh 2.1.4.14, Xperia X. By manually entering my phone number in the "Register" field, I get the robot call and a 6-digit code. However, the device fails to register with that 6-digit code. Whisperfish worked for me before 2.1.4.12, so either it's a very recent change with Signal or Sailfish. Personally, I don't have any interest in using Signal after their developers threw a tantrum when people wanted to use third party apps.

deprecated ( 2018-03-09 22:55:36 +0300 )edit
1

@takimata When registering the device, there is an option "share contacts" (or not)

@deprecated Indeed. Moxie Marlinspike's policy is questionable.

objectifnul ( 2018-03-10 01:02:30 +0300 )edit

6 Answers

Sort by » oldest newest most voted
4

answered 2018-03-21 12:00:03 +0300

takimata gravatar image

It works for me, using https://github.com/aebruno/whisperfish/releases/download/v0.4.5/harbour-whisperfish-0.4.5.0.gaadba61-1.armv7hl.rpm on Xperia X running Lapuanjoki.

edit flag offensive delete publish link more

Comments

Using same Whisperfish release, same device, same SFOS version. Signal voice robot never calls back. Looks like my phone number (or my country?) is blacklisted.

objectifnul ( 2018-03-21 12:33:51 +0300 )edit

Belgium isn't blacklisted, definitely.

nthn ( 2018-03-21 14:46:36 +0300 )edit

New release soon?

v0.5.0_ (unreleased)

Built using SailfishOSSDK-Beta-1801-Qt5-linux-64 and go v1.10
Tested on Sailfish OS 2.1.4.14 (Lapuanjoki)
Fix #26,#83 Support sending files as attachments using new content file pickers
Refactor QML to only use allowed Harbour imports
Add new contact picker for composing new messages
objectifnul ( 2018-03-21 14:47:30 +0300 )edit

I would suspect your mobile service provider, not the application itself... Have you tried another SIM/phone number?

takimata ( 2018-03-21 22:57:11 +0300 )edit

Yes I did, but with the same operator (no other choice currently). No success. Will try next month in an other country.

objectifnul ( 2018-03-22 00:21:27 +0300 )edit
4

answered 2018-05-11 20:34:08 +0300

Ruben De Smet gravatar image

updated 2018-05-12 19:56:20 +0300

Hi!

While I have no clue on why you don't get the text/voice call, it seems like you can manually hack it in, using a bit of command line trickery.

You'll need OpenSSL on a computer (doesn't matter which one).

Start by going through the registration procedure in the app, and when you need to insert the code, request the verification code manually:

openssl s_client -connect textsecure-service.whispersystems.org

This opens an SSL session with OWS/Signal. You'll be manually requesting the text message; type

GET /v1/accounts/sms/code/[YOUR PHONENUMBER] HTTP/1.1
Host: textsecure-service.whispersystems.org

Followed by two returns. You should receive "HTTP/1.1 200 OK". Use Ctrl+D to close the session. Make sure to enter your phone number in international notation (+324** for me) in the URL.

By now, you should have received a code by text. Enter it in the app, and registration should complete. At least, it did for me :-)

edit flag offensive delete publish link more

Comments

1

Thx. however,

openssl s_client -connect textsecure-service.whispersystems.org:443

apparently fails, returning a text finishing with

Verify return code: 21 (unable to verify the first certificate)
objectifnul ( 2018-05-12 19:40:25 +0300 )edit

Complete response below :

CONNECTED(00000003)
depth=0 C = US, ST = California, O = Open Whisper Systems, OU = Open Whisper Systems, CN = textsecure-service.whispersystems.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = US, ST = California, O = Open Whisper Systems, OU = Open Whisper Systems, CN = textsecure-service.whispersystems.org
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 (certificate chain displayed here)
---
Server certificate
-----BEGIN CERTIFICATE-----
(certificate displayed here)
-----END CERTIFICATE-----
subject=/C=US/ST=California/O=Open Whisper Systems/OU=Open Whisper Systems/CN=textsecure-service.whispersystems.org
issuer=/C=US/ST=California/L=San Francisco/O=Open Whisper Systems/OU=Open Whisper Systems/CN=TextSecure
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1557 bytes and written 431 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: (session ID displayed here)
    Session-ID-ctx: 
    Master-Key: (master key displayed here)
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1526143441
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)
objectifnul ( 2018-05-12 19:49:08 +0300 )edit

Sorry for that. Drop :443, I copied the wrong part of my history. I edited my answer to reflect the change.

Ruben De Smet ( 2018-05-12 19:55:51 +0300 )edit

Response after the GET command :

<h1>Bad Message 400</h1><pre>reason: Unknown Version</pre>closed
objectifnul ( 2018-05-12 20:01:23 +0300 )edit

Without :443, the response is

no port defined
objectifnul ( 2018-05-12 20:10:01 +0300 )edit
3

answered 2018-03-26 13:42:14 +0300

objectifnul gravatar image

Just installed new Whisperfish 0.5.0 released today. Still no callback from Signal.

So, if anyone succeeded in registering a new SailfishX Xperia X F5121 device running 2.1.4.14 Lapuanjoki plus Whisperfish 0.5.0, there is something special in my configuration to be investigated.

I have strictly no idea of what the problem can be. I just know this: my mobile operator is not the explanation.

edit flag offensive delete publish link more

Comments

I registered approx. 1 week ago on SailfishX Xperia X F5121 device running 2.1.4.14 but using 0.4.5 and it worked perfectly.

bomo ( 2018-03-26 14:17:26 +0300 )edit

Thx. The mystery remains completely. My phone number is not blacklisted by Signal, Signal is not blacklisted by my mobile operator (checked with the Andoid app). Looking for other hypotheses: DNS issue? Phone number already registered with old device? MAC address filter? I'm clueless.

objectifnul ( 2018-03-26 14:33:41 +0300 )edit

Are you sure you typed your phone number correctly? What about putting your sim card in another phone and receiving the code there?

bomo ( 2018-03-26 14:37:47 +0300 )edit

Already checked with my old Jolla phone (also running 2.1.4.14). No success. And yes, I know my phone number by heart. I don't think I could make a typo twelve times.

Perhaps some app installed on my old and new devices is guilty, but there are so many.

objectifnul ( 2018-03-26 14:50:16 +0300 )edit

And what about the format of the number entered into whisperfish? Did you skip the +/00 prefix? How many digits does your number have?

bomo ( 2018-03-26 14:56:21 +0300 )edit
1

answered 2018-03-27 10:18:45 +0300

objectifnul gravatar image

updated 2018-03-27 11:43:43 +0300

  • Some users are experiencing device registration issues with Whisperfish/XperiaX/Lapuanjoki 2.1.4.14.
  • Some users have no problem.
  • A Github issue was created here.
  • According to Andrew E. Bruno, my debug log indicated no anomaly, so the issue was closed.

Maybe other users having this problem may open a new issue on Github in order to investigate further; this would help identifying what they have in common to explain the problem.

edit flag offensive delete publish link more

Comments

Here is my output:

`,---

| SailfishOS 2.1.4.14 (Lapuanjoki)

'---

[nemo@Sailfish ~]$ rm -rf .config/harbour-whisperfish/

[nemo@Sailfish ~]$ rm -rf .local/share/harbour-whisperfish/

[nemo@Sailfish ~]$ harbour-whisperfish -d

[D] unknown:0 - Using Wayland-EGL

[D] unknown:0 - Defaulting to webview scaling factor of 1.0

[D] unknown:0 - "Unexpected reply signature: got \"\", expected \"a{sv}\""

[D] onTriggered:163 - Page status: 2

[W] unknown:202 - file:///usr/lib/qt5/qml/Sailfish/Silica/DialogHeader.qml:202: TypeError: Cannot read property 'backIndicatorDown' of null

[W] unknown:197 - file:///usr/lib/qt5/qml/Sailfish/Silica/DialogHeader.qml:197: TypeError: Cannot read property 'backIndicatorDown' of null

[W] unknown:255 - file:///usr/lib/qt5/qml/Sailfish/Silica/DialogHeader.qml:255: TypeError: Cannot read property 'forwardIndicatorDown' of null

[W] unknown:250 - file:///usr/lib/qt5/qml/Sailfish/Silica/DialogHeader.qml:250: TypeError: Cannot read property 'forwardIndicatorDown' of null

[nemo@Sailfish ~]$`

I think some registration steps are skipped?, it does not ask country code or phone number.

pmelas ( 2018-03-27 12:17:53 +0300 )edit
1

answered 2018-05-13 10:50:47 +0300

objectifnul gravatar image

updated 2018-05-13 14:14:32 +0300

Eventually obtained the robot's SMS with six-digit registration code.

Procedure :

1) Prepare the phone (open Whisperfish, enter passphrase, enter phone number, don't expect SMS for now)

2) From laptop terminal:

openssl s_client -connect textsecure-service.whispersystems.org:443

3) then paste these two lines (with your own number instead of +324xxxxxxxx):

GET /v1/accounts/sms/code/+324xxxxxxxx HTTP/1.1
Host: textsecure-service.whispersystems.org

4) then ENTER twice then Ctrl-D (must do that quite quickly, fails if too slow). Wait for the robot's SMS.

5) On the phone, enter the six digits in Whisperfish. You are now registered.

Thank you Ruben!

edit flag offensive delete publish link more
0

answered 2018-05-26 02:28:17 +0300

PatsJolla gravatar image

sorry for reopening this question but it doesn't work. I tried to terminal connection, received two sms with codes both didn't work then in the third time I suddenly get a call with a code that seems to work but now Whisperfish crashes with a failure message. When using the -d option to get the debug log I see the following message:

error: "wrong MAC calculated, possibly due to wrong passphrase"

In Github someone mentioned that Issue #116 might be the real problem: https://github.com/aebruno/whisperfish/issues/116

How can I skip setting a passhrase?

edit flag offensive delete publish link more
Login/Signup to Answer

Question tools

Follow
3 followers

Stats

Asked: 2018-03-08 11:17:41 +0300

Seen: 1,417 times

Last updated: May 13