commit fd8d2affec3a7ca5a263cf8812696434f26d7b98
parent 35e7e0a598672f73ea28836295a94d4d70429e50
Author: Marcello Stanisci <stanisci.m@gmail.com>
Date: Thu, 9 May 2019 18:32:33 +0200
Docuement key-based access to GLS.
Diffstat:
1 file changed, 27 insertions(+), 1 deletion(-)
diff --git a/doc/gls.txt b/doc/gls.txt
@@ -1,7 +1,33 @@
+### ---- key based access. Extracted from https://www.aquamaniac.de/sites/download/download.php?package=09&release=09&file=01&dummy=aqbanking4-handbook-20091231.pdf
+
+# 1 Create local keys _container_ (so no keys are created yet).
+gct-tool create -t ohbci output.medium
+
+# 2 Create user associated with local keys. (From now on, ${UNIQUEID} points to this fresh user)
+aqhbci-tool4 adduser -s 'https://hbci.gad.de' -u VRK5889860152647799 -c VRK5889860152647799 -N 6726405199003430951 -b 43060967 -t ohbci --context=1 --rdhtype=0 --hbciversion=300 -n output.medium
+
+# 3 Get keys (sign & crypt) from the bank. Didn't work.
+aqhbci-tool4 getkeys --user=${UNIQUEID}
+
+# 4 Show local (container) and bank's keys. No warnings reported, but neither keys hashcodes.
+gct-tool showkey -t ohbci -n output.medium
+
+# 5 Actually create keys now. Worked.
+aqhbci-tool4 createkeys --user=${USER}
+
+# 6 Send keys to the bank. Didn't work (I suspect the URL associate with the user is not right).
+aqhbci-tool4 sendkeys --user=${USER}
+
+# 7 Last, generate letter. Worked.
+aqhbci-tool4 iniletter --user=${USER} > ini.txt
+
+# 8 Pen-sign the letter and send via snail mail to the bank.
+
+============== mobile TAN method below; could not get it to work.
+
# Add a user in the system. The user has a bank and a customer id, but is _not_ active yet (see command below).
aqhbci-tool4 adduser -s 'https://hbci-pintan.gad.de/cgi-bin/hbciservlet' -u VRK588XXX -c VRK588XXX -N 6726405XXX -b 43060967 -t pintan --context=1
# This is the command the "unlocks" the user. After this command, the user should be able to ask for the balance and
# transactions list, but not to issue payments.
aqhbci-tool4 getitanmodes --user=U
-
