Consent-token is a feature supported in IOS-XR to provide an extra layer of protection before running certain privileged operations. The operations controlled by consent-token can be run only if the challenge generated by consent-token is signed by the authorized keys.
The ct_sim.py in this repo is a reference implementation of the Consent-token signing server. The Consent-token signing server can be used to sign challenge string generated from the IOS-XR box.
To sign the challenge requests, the script should be used as below:
ct_sim.py -p ct-priv-key-file -C challenge-string
ct-priv-key-file should be the private key corresponding to the public key added to the box using the key-package CLI's.