diff options
author | Marcello Stanisci <stanisci.m@gmail.com> | 2019-05-09 18:32:33 +0200 |
---|---|---|
committer | Marcello Stanisci <stanisci.m@gmail.com> | 2019-05-09 18:32:33 +0200 |
commit | fd8d2affec3a7ca5a263cf8812696434f26d7b98 (patch) | |
tree | 77b449999857427a2ea48d2cc2160df1fc7c1ea1 /doc | |
parent | 35e7e0a598672f73ea28836295a94d4d70429e50 (diff) | |
download | deployment-fd8d2affec3a7ca5a263cf8812696434f26d7b98.tar.gz deployment-fd8d2affec3a7ca5a263cf8812696434f26d7b98.tar.bz2 deployment-fd8d2affec3a7ca5a263cf8812696434f26d7b98.zip |
Docuement key-based access to GLS.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/gls.txt | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/doc/gls.txt b/doc/gls.txt index c265c6e..8f5135e 100644 --- a/doc/gls.txt +++ b/doc/gls.txt @@ -1,7 +1,33 @@ +### ---- key based access. Extracted from https://www.aquamaniac.de/sites/download/download.php?package=09&release=09&file=01&dummy=aqbanking4-handbook-20091231.pdf + +# 1 Create local keys _container_ (so no keys are created yet). +gct-tool create -t ohbci output.medium + +# 2 Create user associated with local keys. (From now on, ${UNIQUEID} points to this fresh user) +aqhbci-tool4 adduser -s 'https://hbci.gad.de' -u VRK5889860152647799 -c VRK5889860152647799 -N 6726405199003430951 -b 43060967 -t ohbci --context=1 --rdhtype=0 --hbciversion=300 -n output.medium + +# 3 Get keys (sign & crypt) from the bank. Didn't work. +aqhbci-tool4 getkeys --user=${UNIQUEID} + +# 4 Show local (container) and bank's keys. No warnings reported, but neither keys hashcodes. +gct-tool showkey -t ohbci -n output.medium + +# 5 Actually create keys now. Worked. +aqhbci-tool4 createkeys --user=${USER} + +# 6 Send keys to the bank. Didn't work (I suspect the URL associate with the user is not right). +aqhbci-tool4 sendkeys --user=${USER} + +# 7 Last, generate letter. Worked. +aqhbci-tool4 iniletter --user=${USER} > ini.txt + +# 8 Pen-sign the letter and send via snail mail to the bank. + +============== mobile TAN method below; could not get it to work. + # Add a user in the system. The user has a bank and a customer id, but is _not_ active yet (see command below). aqhbci-tool4 adduser -s 'https://hbci-pintan.gad.de/cgi-bin/hbciservlet' -u VRK588XXX -c VRK588XXX -N 6726405XXX -b 43060967 -t pintan --context=1 # This is the command the "unlocks" the user. After this command, the user should be able to ask for the balance and # transactions list, but not to issue payments. aqhbci-tool4 getitanmodes --user=U - |