Use when implementing SIP authentication, security mechanisms, and encryption. Use when securing SIP servers, clients, or proxies.
View on GitHubTheBushidoCollective/han
jutsu-sip
January 24, 2026
Select agents to install to:
npx add-skill https://github.com/TheBushidoCollective/han/blob/main/jutsu/jutsu-sip/skills/sip-authentication-security/SKILL.md -a claude-code --skill sip-authentication-securityInstallation paths:
.claude/skills/sip-authentication-security/# SIP Authentication and Security
Master SIP authentication mechanisms (HTTP Digest), TLS encryption, SIPS,
and security best practices for building secure VoIP applications.
## HTTP Digest Authentication
### Challenge-Response Flow
```
Client Server
| |
| REGISTER (no credentials) |
|---------------------------------------->|
| |
| 401 Unauthorized |
| WWW-Authenticate: Digest |
| realm="atlanta.com" |
| nonce="dcd98b7102dd..." |
| algorithm=MD5 |
| qop="auth" |
|<----------------------------------------|
| |
| REGISTER (with Authorization) |
| Authorization: Digest |
| username="alice" |
| realm="atlanta.com" |
| nonce="dcd98b7102dd..." |
| uri="sip:atlanta.com" |
| response="6629fae49393..." |
| algorithm=MD5 |
| qop=auth |
| nc=00000001 |
| cnonce="0a4f113b" |
|---------------------------------------->|
| |
| 200 OK |
|<----------------------------------------|
| |
```
### Digest Authentication Implementation
```typescript
import crypto from 'crypto';
interface DigestChallenge {
realm: string;
nonce: string;
algorithm: 'MD5' | 'SHA-256';
qop?: 'auth' | 'auth-int';
opaque?: string;
stale?: boolean;
}
interface DigestCredentials {
username: string;
realm: string;
nonce: string;
uri: string;
response: string;
algorithm: 'MD5' | 'SHA-256';
cnonce?: strin