secsipidx(1)

CLI tool and HTTP API server to check or build SIP identity headers

Section 1 secsipidx bookworm source

Description

SECSIPIDX

NAME

secsipidx - CLI tool and HTTP API server to check or build SIP identity headers

SYNOPSIS

secsipidx [options]

DESCRIPTION

Command line application to check or build SIP identity headers as per IETF RFC8224 and RFC8588 (STIR and SHAKEN). It also can be run in daemon mode, providing HTTP REST API to ease the adoption of STIR and SHAKEN by external applications.

OPTIONS

-H, -http-srv

http server bind address

-https-srv

https server bind address

-https-pubkey

https server public key

-https-prvkey

https server private key

-http-dir

directory to serve over http

-k, -fprvkey

path to private key

-p, -fpubkey

path to public key

-fheader

path to file with header value in JSON format

-header

header value in JSON format

-fpayload

path to file with payload value in JSON format

-payload

payload value in JSON format

-fidentity

path to file with identity value

-identity

identity value

	-alg		encryption algorithm (default: ES256)
	-ppt		used extension (default: shaken)
	-typ		token type (default: passport)
	-x5u		value of the field with the location of the certificate used to sign the token (default: ’’)

-a, -attest

attestation level (default: ’C’)

-d, -dest-tn

destination (called) number (default: ’’)

-o, -orig-th

origination (calling) number (default: ’’)

-iat

timestamp when the token was created

-orig-id

origination identifier (default: ’’)

-c, -check

check validity of the signature

-s, -sign

sign the header and payload

-S, -sign-full

sign the header and payload, with parameters

-json-parse

parse and re-serialize JSON header and payaload values

-expire

duration of token validity (in seconds)

-timeout

http get timeout (in seconds, default: 3)

-l, -ltest

run local basic test

-version

print version

-cache-dir

path to the directory with cached certificates (default: ’’)

-cache-expire

duration of cached certificates (in seconds, default 3600)

-ca-file

file with root CA certificates in pem format

-ca-inter

file with intermediate CA certificates in pem format

-cert-verify

certificate verification mode (default: 0)

-crl-file

file with CRL

EXAMPLES

TODO

AUTHOR

This manual page was written by Victor Seva <vseva@debian.org>, for the Debian project (and may be used by others).