Ask / Submit

Whisperfish device verification code

asked 2018-03-08 11:17:41 +0300

objectifnul gravatar image

updated 2018-03-08 11:22:17 +0300

Hi, did anyone recently succeed in registering a new SFOS (Lapuanjoki) device with Signal using Whisperfish?

It used to work fine for me; however, I could no longer get a new device verification code for my Xperia X. According to aebruno, my logs seem to indicate that whisperfish does work, so I have to suspect an other issue, maybe a mobile operator problem, maybe some new kind of blocking third party apps on Signal side, maybe a compatibility issue with Lapuanjoki or XperiaX.

edit retag flag offensive close delete


Last thing I heard is that the telephonenumber changed for signal verification. So that might explain it not working for you.

leszek ( 2018-03-08 12:14:42 +0300 )edit

I don't know in detail how it works. AFAIK the verification request is not supposed to be submitted to a phone number, but sent to Signal servers directly. Then a Signal voice robot calls you to tell the 6-digit code. However, this robot never calls me. I'd like someone else to check (same SFOS release, same device)

objectifnul ( 2018-03-08 12:22:35 +0300 )edit

Hi, I'm considering installing Whisperfish instead of the android application. Do you know whether it's possible to disable the address book upload before any further setup steps? This issue decides whether I'll use the native app and test your problem or go for the android one...

takimata ( 2018-03-09 22:15:15 +0300 )edit

I just set it up on a fresh, Xperia X. By manually entering my phone number in the "Register" field, I get the robot call and a 6-digit code. However, the device fails to register with that 6-digit code. Whisperfish worked for me before, so either it's a very recent change with Signal or Sailfish. Personally, I don't have any interest in using Signal after their developers threw a tantrum when people wanted to use third party apps.

deprecated ( 2018-03-09 22:55:36 +0300 )edit

@takimata When registering the device, there is an option "share contacts" (or not)

@deprecated Indeed. Moxie Marlinspike's policy is questionable.

objectifnul ( 2018-03-10 01:02:30 +0300 )edit

9 Answers

Sort by » oldest newest most voted

answered 2018-05-11 20:34:08 +0300

Ruben De Smet gravatar image

updated 2018-05-12 19:56:20 +0300


While I have no clue on why you don't get the text/voice call, it seems like you can manually hack it in, using a bit of command line trickery.

You'll need OpenSSL on a computer (doesn't matter which one).

Start by going through the registration procedure in the app, and when you need to insert the code, request the verification code manually:

openssl s_client -connect

This opens an SSL session with OWS/Signal. You'll be manually requesting the text message; type

GET /v1/accounts/sms/code/[YOUR PHONENUMBER] HTTP/1.1

Followed by two returns. You should receive "HTTP/1.1 200 OK". Use Ctrl+D to close the session. Make sure to enter your phone number in international notation (+324** for me) in the URL.

By now, you should have received a code by text. Enter it in the app, and registration should complete. At least, it did for me :-)

edit flag offensive delete publish link more



Thx. however,

openssl s_client -connect

apparently fails, returning a text finishing with

Verify return code: 21 (unable to verify the first certificate)
objectifnul ( 2018-05-12 19:40:25 +0300 )edit

Complete response below :

depth=0 C = US, ST = California, O = Open Whisper Systems, OU = Open Whisper Systems, CN =
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = US, ST = California, O = Open Whisper Systems, OU = Open Whisper Systems, CN =
verify error:num=21:unable to verify the first certificate
verify return:1
Certificate chain
 (certificate chain displayed here)
Server certificate
(certificate displayed here)
subject=/C=US/ST=California/O=Open Whisper Systems/OU=Open Whisper Systems/
issuer=/C=US/ST=California/L=San Francisco/O=Open Whisper Systems/OU=Open Whisper Systems/CN=TextSecure
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
SSL handshake has read 1557 bytes and written 431 bytes
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: (session ID displayed here)
    Master-Key: (master key displayed here)
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1526143441
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)
objectifnul ( 2018-05-12 19:49:08 +0300 )edit

Sorry for that. Drop :443, I copied the wrong part of my history. I edited my answer to reflect the change.

Ruben De Smet ( 2018-05-12 19:55:51 +0300 )edit

Response after the GET command :

<h1>Bad Message 400</h1><pre>reason: Unknown Version</pre>closed
objectifnul ( 2018-05-12 20:01:23 +0300 )edit

Without :443, the response is

no port defined
objectifnul ( 2018-05-12 20:10:01 +0300 )edit

answered 2018-03-21 12:00:03 +0300

takimata gravatar image

It works for me, using on Xperia X running Lapuanjoki.

edit flag offensive delete publish link more


Using same Whisperfish release, same device, same SFOS version. Signal voice robot never calls back. Looks like my phone number (or my country?) is blacklisted.

objectifnul ( 2018-03-21 12:33:51 +0300 )edit

Belgium isn't blacklisted, definitely.

nthn ( 2018-03-21 14:46:36 +0300 )edit

New release soon?

v0.5.0_ (unreleased)

Built using SailfishOSSDK-Beta-1801-Qt5-linux-64 and go v1.10
Tested on Sailfish OS (Lapuanjoki)
Fix #26,#83 Support sending files as attachments using new content file pickers
Refactor QML to only use allowed Harbour imports
Add new contact picker for composing new messages
objectifnul ( 2018-03-21 14:47:30 +0300 )edit

I would suspect your mobile service provider, not the application itself... Have you tried another SIM/phone number?

takimata ( 2018-03-21 22:57:11 +0300 )edit

Yes I did, but with the same operator (no other choice currently). No success. Will try next month in an other country.

objectifnul ( 2018-03-22 00:21:27 +0300 )edit

answered 2018-03-26 13:42:14 +0300

objectifnul gravatar image

Just installed new Whisperfish 0.5.0 released today. Still no callback from Signal.

So, if anyone succeeded in registering a new SailfishX Xperia X F5121 device running Lapuanjoki plus Whisperfish 0.5.0, there is something special in my configuration to be investigated.

I have strictly no idea of what the problem can be. I just know this: my mobile operator is not the explanation.

edit flag offensive delete publish link more


I registered approx. 1 week ago on SailfishX Xperia X F5121 device running but using 0.4.5 and it worked perfectly.

bomo ( 2018-03-26 14:17:26 +0300 )edit

Thx. The mystery remains completely. My phone number is not blacklisted by Signal, Signal is not blacklisted by my mobile operator (checked with the Andoid app). Looking for other hypotheses: DNS issue? Phone number already registered with old device? MAC address filter? I'm clueless.

objectifnul ( 2018-03-26 14:33:41 +0300 )edit

Are you sure you typed your phone number correctly? What about putting your sim card in another phone and receiving the code there?

bomo ( 2018-03-26 14:37:47 +0300 )edit

Already checked with my old Jolla phone (also running No success. And yes, I know my phone number by heart. I don't think I could make a typo twelve times.

Perhaps some app installed on my old and new devices is guilty, but there are so many.

objectifnul ( 2018-03-26 14:50:16 +0300 )edit

And what about the format of the number entered into whisperfish? Did you skip the +/00 prefix? How many digits does your number have?

bomo ( 2018-03-26 14:56:21 +0300 )edit

answered 2018-03-27 10:18:45 +0300

objectifnul gravatar image

updated 2018-03-27 11:43:43 +0300

  • Some users are experiencing device registration issues with Whisperfish/XperiaX/Lapuanjoki
  • Some users have no problem.
  • A Github issue was created here.
  • According to Andrew E. Bruno, my debug log indicated no anomaly, so the issue was closed.

Maybe other users having this problem may open a new issue on Github in order to investigate further; this would help identifying what they have in common to explain the problem.

edit flag offensive delete publish link more


Here is my output:


| SailfishOS (Lapuanjoki)


[nemo@Sailfish ~]$ rm -rf .config/harbour-whisperfish/

[nemo@Sailfish ~]$ rm -rf .local/share/harbour-whisperfish/

[nemo@Sailfish ~]$ harbour-whisperfish -d

[D] unknown:0 - Using Wayland-EGL

[D] unknown:0 - Defaulting to webview scaling factor of 1.0

[D] unknown:0 - "Unexpected reply signature: got \"\", expected \"a{sv}\""

[D] onTriggered:163 - Page status: 2

[W] unknown:202 - file:///usr/lib/qt5/qml/Sailfish/Silica/DialogHeader.qml:202: TypeError: Cannot read property 'backIndicatorDown' of null

[W] unknown:197 - file:///usr/lib/qt5/qml/Sailfish/Silica/DialogHeader.qml:197: TypeError: Cannot read property 'backIndicatorDown' of null

[W] unknown:255 - file:///usr/lib/qt5/qml/Sailfish/Silica/DialogHeader.qml:255: TypeError: Cannot read property 'forwardIndicatorDown' of null

[W] unknown:250 - file:///usr/lib/qt5/qml/Sailfish/Silica/DialogHeader.qml:250: TypeError: Cannot read property 'forwardIndicatorDown' of null

[nemo@Sailfish ~]$`

I think some registration steps are skipped?, it does not ask country code or phone number.

pmelas ( 2018-03-27 12:17:53 +0300 )edit

answered 2018-05-13 10:50:47 +0300

objectifnul gravatar image

updated 2018-05-13 14:14:32 +0300

Eventually obtained the robot's SMS with six-digit registration code.

Procedure :

1) Prepare the phone (open Whisperfish, enter passphrase, enter phone number, don't expect SMS for now)

2) From laptop terminal:

openssl s_client -connect

3) then paste these two lines (with your own number instead of +324xxxxxxxx):

GET /v1/accounts/sms/code/+324xxxxxxxx HTTP/1.1

4) then ENTER twice then Ctrl-D (must do that quite quickly, fails if too slow). Wait for the robot's SMS.

5) On the phone, enter the six digits in Whisperfish. You are now registered.

Thank you Ruben!

edit flag offensive delete publish link more

answered 2019-05-23 09:18:54 +0300

nephros gravatar image

updated 2019-05-23 15:27:36 +0300

The above methods did not work for me (SMS gets sent, but code not accepted). Probably has to do with the fact I could not enter the + sign in the gui (Gemini, don't ask).

However, after copying config.yml from a working installation, Signal would call me with the code as expected.

So, on a fresh installation (0.5.1), create /home/nemo/.config/harbour-whisperfish/config.yml with the following (change your tel. nr. obviously)

tel: "+xxxxxxxxxx"
rootCA: ""
proxy: ""
verificationType: voice
storageDir: /home/nemo/.local/share/harbour-whisperfish/storage
unencryptedStorage: false
storagePassword: ""
loglevel: debug
userAgent: Whisperfish
alwaysTrustPeerID: false

Haven't tried whether setting verification type to sms does anything, will that work?

edit flag offensive delete publish link more

answered 2018-05-26 02:28:17 +0300

PatsJolla gravatar image

sorry for reopening this question but it doesn't work. I tried to terminal connection, received two sms with codes both didn't work then in the third time I suddenly get a call with a code that seems to work but now Whisperfish crashes with a failure message. When using the -d option to get the debug log I see the following message:

error: "wrong MAC calculated, possibly due to wrong passphrase"

In Github someone mentioned that Issue #116 might be the real problem:

How can I skip setting a passhrase?

edit flag offensive delete publish link more

answered 2018-08-11 15:03:15 +0300

Loenneberga gravatar image

updated 2018-08-11 15:23:17 +0300

I installed Whisperfish from github today (v0.5.1) and I could register without any problem. I don't know if the issue has been solved, or if I was just lucky. Maybe you can just try this. It even worked without your laptop/terminal work around.

Unfortunately I don't understand how to verify the verification code? Could anyone let me know?

When I send a Message from the Whisperfish app on Xperia X, and want to verify the contact on a receiving phone, the verification code has a different format. In Whisperfish it's figures and letters, but in the receiving iOS Signal app there are figures only.

edit flag offensive delete publish link more

answered 2018-08-14 17:51:50 +0300

objectifnul gravatar image

updated 2018-08-14 17:53:52 +0300

Weird: I reflashed my Xperia X (because I couldn't upgrade to Mouhijoki the normal way), which probably implies my phone now appears as a new one. Nevertheless, my previous Whisperfish registration is still valid.

edit flag offensive delete publish link more
Login/Signup to Answer

Question tools



Asked: 2018-03-08 11:17:41 +0300

Seen: 2,594 times

Last updated: May 23 '19