Consorsbank: Error during dialog initialization, could not fetch BPD.

[PetePriority]

Describe the bug
Execution of the test script fails in line 37 (on entering the with-block) with the exception fints.exceptions.FinTSClientError: Error during dialog initialization, could not fetch BPD. Please check that you passed the correct bank identifier to the HBCI URL of the correct bank.

Bank I tested this with
Name of the bank: Consorsbank
FinTS URL: https://brokerage-hbci.consorsbank.de/hbci

Expected behavior
On entering the with-block a dialog should be opened with the bank.

Code required to reproduce
Same as https://python-fints.readthedocs.io/en/latest/trouble.html, with

client_args = (
    '76030080',  # BLZ
    ACCOUNTID,
    PIN,
    'https://brokerage-hbci.consorsbank.de/hbci'  # ENDPOINT
)

Log output / error message

Log output

WARNING:fints.client:You should register your program with the ZKA and pass your own product_id as a parameter.
DEBUG:fints.connection:Sending >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
	fints.message.FinTSCustomerMessage([
	    fints.segments.message.HNHBK3( # Nachrichtenkopf
	        header = fints.formals.SegmentHeader('HNHBK', 1, 3), # Segmentkopf
	        message_size = 395, # Größe der Nachricht (nach Verschlüsselung und Komprimierung)
	        hbci_version = 300, # HBCI-Version
	        dialog_id = '0', # Dialog-ID
	        message_number = 1, # Nachrichtennummer
	    ),
	    fints.segments.message.HNVSK3( # Verschlüsselungskopf, version 3
	        header = fints.formals.SegmentHeader('HNVSK', 998, 3), # Segmentkopf
	        security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
	                security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
	                security_method_version = 1, # Version des Sicherheitsverfahrens
	            ),
	        security_function = '998', # Sicherheitsfunktion, kodiert
	        security_role = fints.formals.SecurityRole.ISS, # Rolle des Sicherheitslieferanten, kodiert: Erfasser, Erstsignatur
	        security_identification_details = fints.formals.SecurityIdentificationDetails( # Sicherheitsidentifikation, Details
	                identified_role = fints.formals.IdentifiedRole.MS, # Message Sender
	                cid = None,
	                identifier = '0',
	            ),
	        security_datetime = fints.formals.SecurityDateTime( # Sicherheitsdatum und -uhrzeit
	                date_time_type = fints.formals.DateTimeType.STS, # Sicherheitszeitstempel
	                date = datetime.date(2019, 12, 22),
	                time = datetime.time(20, 16, 34, 492484),
	            ),
	        encryption_algorithm = fints.formals.EncryptionAlgorithm( # Verschlüsselungsalgorithmus
	                usage_encryption = fints.formals.UsageEncryption.OSY, # Owner Symmetric
	                operation_mode = fints.formals.OperationMode.CBC, # Cipher Block Chaining
	                encryption_algorithm = fints.formals.EncryptionAlgorithmCoded.TWOKEY3DES, # 2-Key-Triple-DES
	                algorithm_parameter_value = b'\x00\x00\x00\x00\x00\x00\x00\x00',
	                algorithm_parameter_name = fints.formals.AlgorithmParameterName.KYE, # Symmetrischer Schlüssel, verschlüsselt mit symmetrischem Schlüssel
	                algorithm_parameter_iv_name = fints.formals.AlgorithmParameterIVName.IVC, # Initialization value, clear text
	            ),
	        key_name = fints.formals.KeyName( # Schlüsselname
	                bank_identifier = fints.formals.BankIdentifier(
	                        country_identifier = '280',
	                        bank_code = '76030080',
	                    ),
	                user_id = ACCOUNTID,
	                key_type = fints.formals.KeyType.V, # Schlüsselart: Chiffrierschlüssel
	                key_number = 0,
	                key_version = 0,
	            ),
	        compression_function = fints.formals.CompressionFunction.NULL, # Komprimierungsfunktion: Keine Kompression
	    ),
	    fints.segments.message.HNVSD1( # Verschlüsselte Daten, version 1
	        header = fints.formals.SegmentHeader('HNVSD', 999, 1), # Segmentkopf
	        data = fints.types.SegmentSequence([ # Daten, verschlüsselt
	                fints.segments.message.HNSHK4( # Signaturkopf, version 4
	                    header = fints.formals.SegmentHeader('HNSHK', 2, 4), # Segmentkopf
	                    security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
	                            security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
	                            security_method_version = 1, # Version des Sicherheitsverfahrens
	                        ),
	                    security_function = '999', # Sicherheitsfunktion, kodiert
	                    security_reference = '3124035', # Sicherheitskontrollreferenz
	                    security_application_area = fints.formals.SecurityApplicationArea.SHM, # Bereich der Sicherheitsapplikation, kodiert: Signaturkopf und HBCI-Nutzdaten
	                    security_role = fints.formals.SecurityRole.ISS, # Rolle des Sicherheitslieferanten, kodiert: Erfasser, Erstsignatur
	                    security_identification_details = fints.formals.SecurityIdentificationDetails( # Sicherheitsidentifikation, Details
	                            identified_role = fints.formals.IdentifiedRole.MS, # Message Sender
	                            cid = None,
	                            identifier = '0',
	                        ),
	                    security_reference_number = 1, # Sicherheitsreferenznummer
	                    security_datetime = fints.formals.SecurityDateTime( # Sicherheitsdatum und -uhrzeit
	                            date_time_type = fints.formals.DateTimeType.STS, # Sicherheitszeitstempel
	                            date = datetime.date(2019, 12, 22),
	                            time = datetime.time(20, 16, 34, 492247),
	                        ),
	                    hash_algorithm = fints.formals.HashAlgorithm( # Hashalgorithmus
	                            usage_hash = '1',
	                            hash_algorithm = '999',
	                            algorithm_parameter_name = '1',
	                        ),
	                    signature_algorithm = fints.formals.SignatureAlgorithm( # Signaturalgorithmus
	                            usage_signature = '6',
	                            signature_algorithm = '10',
	                            operation_mode = '16',
	                        ),
	                    key_name = fints.formals.KeyName( # Schlüsselname
	                            bank_identifier = fints.formals.BankIdentifier(
	                                    country_identifier = '280',
	                                    bank_code = '76030080',
	                                ),
	                            user_id = ACCOUNTID,
	                            key_type = fints.formals.KeyType.S, # Schlüsselart: Signierschlüssel
	                            key_number = 0,
	                            key_version = 0,
	                        ),
	                ),
	                fints.segments.auth.HKIDN2( # Identifikation, version 2
	                    header = fints.formals.SegmentHeader('HKIDN', 3, 2), # Segmentkopf
	                    bank_identifier = fints.formals.BankIdentifier( # Kreditinstitutskennung
	                            country_identifier = '280',
	                            bank_code = '76030080',
	                        ),
	                    customer_id = ACCOUNTID, # Kunden-ID
	                    system_id = '0', # Kundensystem-ID
	                    system_id_status = fints.formals.SystemIDStatus.ID_NECESSARY, # Kundensystem-Status: Kundensystem-ID wird benötigt
	                ),
	                fints.segments.auth.HKVVB3( # Verarbeitungsvorbereitung, version 3
	                    header = fints.formals.SegmentHeader('HKVVB', 4, 3), # Segmentkopf
	                    bpd_version = 0, # BPD-Version
	                    upd_version = 0, # UPD-Version
	                    language = fints.formals.Language2.DE, # Dialogsprache: Deutsch, 'de', Subset Deutsch, Codeset 1 (Latin 1)
	                    product_name = 'DC333D745719C4BD6A6F9DB6A', # Produktbezeichnung
	                    product_version = '3.0.0', # Produktversion
	                ),
	                fints.segments.dialog.HKSYN3( # Synchronisierung, version 3
	                    header = fints.formals.SegmentHeader('HKSYN', 5, 3), # Segmentkopf
	                    synchronization_mode = fints.formals.SynchronizationMode.NEW_SYSTEM_ID, # Neue Kundensystem-ID zurückmelden
	                ),
	                fints.segments.message.HNSHA2( # Signaturabschluss, version 2
	                    header = fints.formals.SegmentHeader('HNSHA', 6, 2), # Segmentkopf
	                    security_reference = '3124035', # Sicherheitskontrollreferenz
	                    user_defined_signature = fints.formals.UserDefinedSignature( # Benutzerdefinierte Signatur
	                            pin = '***',
	                        ),
	                ),
	            ]),
	    ),
	    fints.segments.message.HNHBS1( # Nachrichtenabschluss
	        header = fints.formals.SegmentHeader('HNHBS', 7, 1), # Segmentkopf
	        message_number = 1, # Nachrichtennummer
	    ),
	])

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): brokerage-hbci.consorsbank.de:443
DEBUG:urllib3.connectionpool:https://brokerage-hbci.consorsbank.de:443 "POST /hbci HTTP/1.1" 200 None
DEBUG:fints.connection:Received <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
	fints.message.FinTSInstituteMessage([
	    fints.segments.message.HNHBK3( # Nachrichtenkopf
	        header = fints.formals.SegmentHeader('HNHBK', 1, 3), # Segmentkopf
	        message_size = 1719, # Größe der Nachricht (nach Verschlüsselung und Komprimierung)
	        hbci_version = 300, # HBCI-Version
	        dialog_id = '000003PF18OOKL2PME9FH225D7Q3JL', # Dialog-ID
	        message_number = 1, # Nachrichtennummer
	        reference_message = fints.formals.ReferenceMessage( # Bezugsnachricht
	                dialog_id = '000003PF18OOKL2PME9FH225D7Q3JL',
	                message_number = 1,
	            ),
	    ),
	    fints.segments.message.HNVSK3( # Verschlüsselungskopf, version 3
	        header = fints.formals.SegmentHeader('HNVSK', 998, 3), # Segmentkopf
	        security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
	                security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
	                security_method_version = 1, # Version des Sicherheitsverfahrens
	            ),
	        security_function = '998', # Sicherheitsfunktion, kodiert
	        security_role = fints.formals.SecurityRole.ISS, # Rolle des Sicherheitslieferanten, kodiert: Erfasser, Erstsignatur
	        security_identification_details = fints.formals.SecurityIdentificationDetails( # Sicherheitsidentifikation, Details
	                identified_role = fints.formals.IdentifiedRole.MR, # Message Receiver
	                cid = None,
	                identifier = '0',
	            ),
	        security_datetime = fints.formals.SecurityDateTime( # Sicherheitsdatum und -uhrzeit
	                date_time_type = fints.formals.DateTimeType.STS, # Sicherheitszeitstempel
	            ),
	        encryption_algorithm = fints.formals.EncryptionAlgorithm( # Verschlüsselungsalgorithmus
	                usage_encryption = fints.formals.UsageEncryption.OSY, # Owner Symmetric
	                operation_mode = fints.formals.OperationMode.CBC, # Cipher Block Chaining
	                encryption_algorithm = fints.formals.EncryptionAlgorithmCoded.TWOKEY3DES, # 2-Key-Triple-DES
	                algorithm_parameter_value = b'\x00\x00\x00\x00\x00\x00\x00\x00',
	                algorithm_parameter_name = fints.formals.AlgorithmParameterName.KYP, # Symmetrischer Schlüssel, verschlüsselt mit öffentlichem Schlüssel
	                algorithm_parameter_iv_name = fints.formals.AlgorithmParameterIVName.IVC, # Initialization value, clear text
	            ),
	        key_name = fints.formals.KeyName( # Schlüsselname
	                bank_identifier = fints.formals.BankIdentifier(
	                        country_identifier = '280',
	                        bank_code = '76030080',
	                    ),
	                user_id = ACCOUNTID,
	                key_type = fints.formals.KeyType.V, # Schlüsselart: Chiffrierschlüssel
	                key_number = 0,
	                key_version = 0,
	            ),
	        compression_function = fints.formals.CompressionFunction.NULL, # Komprimierungsfunktion: Keine Kompression
	    ),
	    fints.segments.message.HNVSD1( # Verschlüsselte Daten, version 1
	        header = fints.formals.SegmentHeader('HNVSD', 999, 1), # Segmentkopf
	        data = fints.types.SegmentSequence([ # Daten, verschlüsselt
	                fints.segments.dialog.HIRMG2( # Rückmeldungen zur Gesamtnachricht
	                    header = fints.formals.SegmentHeader('HIRMG', 2, 2), # Segmentkopf
	                    responses = [ # Rückmeldung
	                                fints.formals.Response( # Rückmeldung
	                                    code = '3060',
	                                    reference_element = None,
	                                    text = 'Teilweise liegen Warnungen/Hinweise vor.',
	                                ),
	                        ],
	                ),
	                fints.segments.dialog.HIRMS2( # Rückmeldungen zu Segmenten
	                    header = fints.formals.SegmentHeader('HIRMS', 3, 2, 3), # Segmentkopf
	                    responses = [ # Rückmeldung
	                                fints.formals.Response( # Rückmeldung
	                                    code = '0020',
	                                    reference_element = None,
	                                    text = 'Angemeldet.',
	                                ),
	                                fints.formals.Response( # Rückmeldung
	                                    code = '0901',
	                                    reference_element = None,
	                                    text = 'PIN gültig.',
	                                ),
	                        ],
	                ),
	                fints.segments.dialog.HIRMS2( # Rückmeldungen zu Segmenten
	                    header = fints.formals.SegmentHeader('HIRMS', 4, 2, 4), # Segmentkopf
	                    responses = [ # Rückmeldung
	                                fints.formals.Response( # Rückmeldung
	                                    code = '0020',
	                                    reference_element = None,
	                                    text = 'Informationen fehlerfrei entgegengenommen.',
	                                ),
	                                fints.formals.Response( # Rückmeldung
	                                    code = '3050',
	                                    reference_element = None,
	                                    text = 'BPD nicht mehr aktuell. Aktuelle Version folgt.',
	                                ),
	                                fints.formals.Response( # Rückmeldung
	                                    code = '3920',
	                                    reference_element = None,
	                                    text = 'Zugelassene Ein- und Zwei-Schritt-Verfahren für den Benutzer',
	                                    parameters = [
	                                            '900',
	                                        ],
	                                ),
	                        ],
	                ),
	                fints.segments.dialog.HIRMS2( # Rückmeldungen zu Segmenten
	                    header = fints.formals.SegmentHeader('HIRMS', 5, 2, 5), # Segmentkopf
	                    responses = [ # Rückmeldung
	                                fints.formals.Response( # Rückmeldung
	                                    code = '0020',
	                                    reference_element = None,
	                                    text = 'Die Synchronisierung der Kundensystem-ID war erfolgreich.',
	                                ),
	                        ],
	                ),
	                fints.segments.bank.HIBPA3( # Bankparameter allgemein, version 3
	                    header = fints.formals.SegmentHeader('HIBPA', 6, 3, 4), # Segmentkopf
	                    bpd_version = 1, # BPD-Version
	                    bank_identifier = fints.formals.BankIdentifier( # Kreditinstitutskennung
	                            country_identifier = '280',
	                            bank_code = '76030080',
	                        ),
	                    bank_name = 'Consors', # Kreditinstitutsbezeichnung
	                    number_tasks = 0, # Anzahl Geschäftsvorfallarten pro Nachricht
	                    supported_languages = fints.formals.SupportedLanguages2( # Unterstützte Sprachen
	                            languages = [
	                                    fints.formals.Language2.DE, # Deutsch, 'de', Subset Deutsch, Codeset 1 (Latin 1)
	                                    fints.formals.Language2.EN, # Englisch, 'en', Subset Englisch, Codeset 1 (Latin 1)
	                                ],
	                        ),
	                    supported_hbci_version = fints.formals.SupportedHBCIVersions2( # Unterstützte HBCI-Versionen
	                            versions = [
	                                    '201',
	                                    '210',
	                                    '220',
	                                    '300',
	                                    '400',
	                                ],
	                        ),
	                    max_message_length = 100, # Maximale Nachrichtengröße
	                ),
	                fints.segments.bank.HIKOM4( # Kommunikationszugang rückmelden, version 4
	                    header = fints.formals.SegmentHeader('HIKOM', 7, 4, 4), # Segmentkopf
	                    bank_identifier = fints.formals.BankIdentifier( # Kreditinstitutskennung
	                            country_identifier = '280',
	                            bank_code = '76030080',
	                        ),
	                    default_language = fints.formals.Language2.DE, # Standardsprache: Deutsch, 'de', Subset Deutsch, Codeset 1 (Latin 1)
	                    communication_parameters = [ # Kommunikationsparameter
	                                fints.formals.CommunicationParameter2( # Kommunikationsparameter
	                                    service_type = fints.formals.ServiceType2.HTTPS, # Kommunikationsdienst: https
	                                    address = 'https://brokerage-hbci.consorsbank.de/hbci', # Kommunikationsadresse
	                                    filter_function = 'MIM', # Filterfunktion
	                                    filter_function_version = 1, # Version der Filterfunktion
	                                ),
	                        ],
	                ),
	                fints.segments.accounts.HISPAS1( # SEPA-Kontoverbindung anfordern, Parameter, version 1
	                    header = fints.formals.SegmentHeader('HISPAS', 8, 1, 4), # Segmentkopf
	                    max_number_tasks = 1, # Maximale Anzahl Aufträge
	                    min_number_signatures = 1, # Anzahl Signaturen mindestens
	                    security_class = fints.formals.SecurityClass.NONE, # Sicherheitsklasse: Kein Sicherheitsdienst erforderlich
	                    parameter = fints.formals.GetSEPAAccountParameter1( # Parameter SEPA-Kontoverbindung anfordern
	                            single_account_query_allowed = True, # Einzelkontenabruf erlaubt
	                            national_account_allowed = True, # Nationale Kontoverbindung erlaubt
	                            structured_purpose_allowed = True, # Strukturierter Verwendungszweck erlaubt
	                            supported_sepa_formats = [ # Unterstützte SEPA-Datenformate
	                                    'urn:iso:std:iso:20022:tech:xsd:pain.001.001.03', # Unterstützte SEPA-Datenformate
	                                    'urn:iso:std:iso:20022:tech:xsd:pain.001.003.03', # Unterstützte SEPA-Datenformate
	                                    'urn:iso:std:iso:20022:tech:xsd:pain.001.002.03', # Unterstützte SEPA-Datenformate
	                                    'urn:swift:xsd:$pain.001.002.02', # Unterstützte SEPA-Datenformate
	                                    'sepade.pain.001.001.02.xsd', # Unterstützte SEPA-Datenformate
	                                ],
	                        ),
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIKAZS', 9, 7, 4), # Segmentkopf
	                    _additional_data = ['1', '1', '0', ['90', 'J', 'N']],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HISALS', 10, 3, 4), # Segmentkopf
	                    _additional_data = ['1', '1'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIKAZS', 11, 6, 4), # Segmentkopf
	                    _additional_data = ['1', '1', '1', ['90', 'J', 'N']],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HICCSS', 12, 1, 4), # Segmentkopf
	                    _additional_data = ['1', '1', '0'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIKAZS', 13, 5, 4), # Segmentkopf
	                    _additional_data = ['1', '1', ['90', 'J', 'N']],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIKAZS', 14, 4, 4), # Segmentkopf
	                    _additional_data = ['1', '1', ['90', 'J']],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('XIADAS', 15, 1, 4), # Segmentkopf
	                    _additional_data = ['1', '1'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIKAZS', 16, 3, 4), # Segmentkopf
	                    _additional_data = ['1', '1', ['90', 'J']],
	                ),
	                fints.segments.auth.HITANS6(
	                    header = fints.formals.SegmentHeader('HITANS', 17, 6, 4), # Segmentkopf
	                    max_number_tasks = 1, # Maximale Anzahl Aufträge
	                    min_number_signatures = 1, # Anzahl Signaturen mindestens
	                    security_class = fints.formals.SecurityClass.NONE, # Sicherheitsklasse: Kein Sicherheitsdienst erforderlich
	                    parameter = fints.formals.ParameterTwostepTAN6(
	                            onestep_method_allowed = False,
	                            multiple_tasks_allowed = False,
	                            task_hash_algorithm = fints.formals.TaskHashAlgorithm.RIPEMD_160, # Auftrags-Hashwertverfahren: RIPEMD-160
	                            twostep_parameters = [
	                                        fints.formals.TwoStepParameters6(
	                                            security_function = '900', # Sicherheitsfunktion kodiert
	                                            tan_process = '2', # TAN-Prozess
	                                            tech_id = 'MS1.0.0', # Technische Identifikation TAN-Verfahren
	                                            zka_id = 'photoTAN', # ZKA TAN-Verfahren
	                                            zka_version = None, # Version ZKA TAN-Verfahren
	                                            name = 'SecurePlus', # Name des Zwei-Schritt-Verfahrens
	                                            max_length_input = 8, # Maximale Länge des Eingabewertes im Zwei-Schritt-Verfahren
	                                            allowed_format = fints.formals.AllowedFormat.NUMERIC, # Erlaubtes Format im Zwei-Schritt-Verfahren: numerisch
	                                            text_return_value = 'Secure Plus TAN', # Text zur Belegung des Rückgabewertes im Zwei-Schritt-Verfahren
	                                            max_length_return_value = 999, # Maximale Länge des Rückgabewertes im Zwei-Schritt-Verfahren
	                                            multiple_tans_allowed = True, # Mehrfach-TAN erlaubt
	                                            tan_time_dialog_association = fints.formals.TANTimeDialogAssociation.NOT_ALLOWED, # TAN Zeit- und Dialogbezug: TAN nicht zeitversetzt / dialogübergreifend erlaubt
	                                            cancel_allowed = False, # Auftragsstorno erlaubt
	                                            sms_charge_account_required = fints.formals.SMSChargeAccountRequired.MUST_NOT, # SMS-Abbuchungskonto erforderlich: SMS-Abbuchungskonto darf nicht angegeben werden
	                                            principal_account_required = fints.formals.PrincipalAccountRequired.MUST_NOT, # Auftraggeberkonto erforderlich: Auftraggeberkonto darf nicht angegeben werden
	                                            challenge_class_required = False, # Challenge-Klasse erforderlich
	                                            challenge_structured = True, # Challenge strukturiert
	                                            initialization_mode = fints.formals.InitializationMode.CLEARTEXT_PIN_NO_TAN, # Initialisierungsmodus: Initialisierungsverfahren mit Klartext-PIN und ohne TAN
	                                            description_required = fints.formals.DescriptionRequired.MUST_NOT, # Bezeichnung des TAN-Medium erforderlich: Bezeichnung des TAN-Mediums darf nicht angegeben werden
	                                            response_hhd_uc_required = True, # Antwort HHD_UC erforderlich
	                                            supported_media_number = 1, # Anzahl unterstützter aktiver TAN-Medien
	                                        ),
	                                ],
	                        ),
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIWPDS', 18, 2, 4), # Segmentkopf
	                    _additional_data = ['1', '1', 'J'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIWPDS', 19, 6, 4), # Segmentkopf
	                    _additional_data = ['1', '1', '0', ['J', 'J', 'J']],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIWPDS', 20, 5, 4), # Segmentkopf
	                    _additional_data = ['1', '1', ['J', 'J', 'J']],
	                ),
	                fints.segments.journal.HIPROS4( # Statusprotokoll Parameter, version 4
	                    header = fints.formals.SegmentHeader('HIPROS', 21, 4, 4), # Segmentkopf
	                    max_number_tasks = 1, # Maximale Anzahl Aufträge
	                    min_number_signatures = 1, # Anzahl Signaturen mindestens
	                    security_class = fints.formals.SecurityClass.NONE, # Sicherheitsklasse: Kein Sicherheitsdienst erforderlich
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIWPDS', 22, 4, 4), # Segmentkopf
	                    _additional_data = ['1', '1', ['J', 'J', 'J']],
	                ),
	                fints.segments.journal.HIPROS3( # Statusprotokoll Parameter, version 3
	                    header = fints.formals.SegmentHeader('HIPROS', 23, 3, 4), # Segmentkopf
	                    max_number_tasks = 1, # Maximale Anzahl Aufträge
	                    min_number_signatures = 1, # Anzahl Signaturen mindestens
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HIWPDS', 24, 3, 4), # Segmentkopf
	                    _additional_data = ['1', '1', 'J'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('XIADSS', 25, 1, 4), # Segmentkopf
	                    _additional_data = ['1', '1'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HISALS', 26, 4, 4), # Segmentkopf
	                    _additional_data = ['1', '1'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HISALS', 27, 5, 4), # Segmentkopf
	                    _additional_data = ['1', '1'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('HISALS', 28, 6, 4), # Segmentkopf
	                    _additional_data = ['1', '1', '0'],
	                ),
	                fints.segments.base.FinTS3Segment(
	                    header = fints.formals.SegmentHeader('DIPINS', 29, 1, 4), # Segmentkopf
	                    _additional_data = ['1', '1', ['HKSPA', 'N', 'HKKAZ', 'N', 'HKSAL', 'N', 'HKCCS', 'J', 'XKADA', 'N', 'HKTAN', 'N', 'HKWPD', 'N', 'HKPRO', 'N', 'XKADS', 'N']],
	                ),
	                fints.segments.auth.HIPINS1( # PIN/TAN-spezifische Informationen, version 1
	                    header = fints.formals.SegmentHeader('HIPINS', 30, 1, 4), # Segmentkopf
	                    max_number_tasks = 1, # Maximale Anzahl Aufträge
	                    min_number_signatures = 1, # Anzahl Signaturen mindestens
	                    security_class = fints.formals.SecurityClass.NONE, # Sicherheitsklasse: Kein Sicherheitsdienst erforderlich
	                    parameter = fints.formals.ParameterPinTan( # Parameter PIN/TAN-spezifische Informationen
	                            transaction_tans_required = [
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'HKSPA',
	                                            tan_required = False,
	                                        ),
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'HKKAZ',
	                                            tan_required = False,
	                                        ),
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'HKSAL',
	                                            tan_required = False,
	                                        ),
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'HKCCS',
	                                            tan_required = True,
	                                        ),
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'XKADA',
	                                            tan_required = False,
	                                        ),
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'HKTAN',
	                                            tan_required = False,
	                                        ),
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'HKWPD',
	                                            tan_required = False,
	                                        ),
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'HKPRO',
	                                            tan_required = False,
	                                        ),
	                                        fints.formals.TransactionTanRequired(
	                                            transaction = 'XKADS',
	                                            tan_required = False,
	                                        ),
	                                ],
	                        ),
	                ),
	                fints.segments.dialog.HISYN4( # Synchronisierungsantwort
	                    header = fints.formals.SegmentHeader('HISYN', 31, 4, 5), # Segmentkopf
	                    system_id = '000003PF18PG4C3RRPFB2NON53UQ3K', # Kundensystem-ID
	                ),
	            ]),
	    ),
	    fints.segments.message.HNHBS1( # Nachrichtenabschluss
	        header = fints.formals.SegmentHeader('HNHBS', 32, 1), # Segmentkopf
	        message_number = 1, # Nachrichtennummer
	    ),
	])

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

DEBUG:fints.connection:Sending >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
	fints.message.FinTSCustomerMessage([
	    fints.segments.message.HNHBK3( # Nachrichtenkopf
	        header = fints.formals.SegmentHeader('HNHBK', 1, 3), # Segmentkopf
	        message_size = 423, # Größe der Nachricht (nach Verschlüsselung und Komprimierung)
	        hbci_version = 300, # HBCI-Version
	        dialog_id = '000003PF18OOKL2PME9FH225D7Q3JL', # Dialog-ID
	        message_number = 2, # Nachrichtennummer
	    ),
	    fints.segments.message.HNVSK3( # Verschlüsselungskopf, version 3
	        header = fints.formals.SegmentHeader('HNVSK', 998, 3), # Segmentkopf
	        security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
	                security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
	                security_method_version = 1, # Version des Sicherheitsverfahrens
	            ),
	        security_function = '998', # Sicherheitsfunktion, kodiert
	        security_role = fints.formals.SecurityRole.ISS, # Rolle des Sicherheitslieferanten, kodiert: Erfasser, Erstsignatur
	        security_identification_details = fints.formals.SecurityIdentificationDetails( # Sicherheitsidentifikation, Details
	                identified_role = fints.formals.IdentifiedRole.MS, # Message Sender
	                cid = None,
	                identifier = '000003PF18PG4C3RRPFB2NON53UQ3K',
	            ),
	        security_datetime = fints.formals.SecurityDateTime( # Sicherheitsdatum und -uhrzeit
	                date_time_type = fints.formals.DateTimeType.STS, # Sicherheitszeitstempel
	                date = datetime.date(2019, 12, 22),
	                time = datetime.time(20, 16, 35, 285589),
	            ),
	        encryption_algorithm = fints.formals.EncryptionAlgorithm( # Verschlüsselungsalgorithmus
	                usage_encryption = fints.formals.UsageEncryption.OSY, # Owner Symmetric
	                operation_mode = fints.formals.OperationMode.CBC, # Cipher Block Chaining
	                encryption_algorithm = fints.formals.EncryptionAlgorithmCoded.TWOKEY3DES, # 2-Key-Triple-DES
	                algorithm_parameter_value = b'\x00\x00\x00\x00\x00\x00\x00\x00',
	                algorithm_parameter_name = fints.formals.AlgorithmParameterName.KYE, # Symmetrischer Schlüssel, verschlüsselt mit symmetrischem Schlüssel
	                algorithm_parameter_iv_name = fints.formals.AlgorithmParameterIVName.IVC, # Initialization value, clear text
	            ),
	        key_name = fints.formals.KeyName( # Schlüsselname
	                bank_identifier = fints.formals.BankIdentifier(
	                        country_identifier = '280',
	                        bank_code = '76030080',
	                    ),
	                user_id = ACCOUNTID,
	                key_type = fints.formals.KeyType.V, # Schlüsselart: Chiffrierschlüssel
	                key_number = 0,
	                key_version = 0,
	            ),
	        compression_function = fints.formals.CompressionFunction.NULL, # Komprimierungsfunktion: Keine Kompression
	    ),
	    fints.segments.message.HNVSD1( # Verschlüsselte Daten, version 1
	        header = fints.formals.SegmentHeader('HNVSD', 999, 1), # Segmentkopf
	        data = fints.types.SegmentSequence([ # Daten, verschlüsselt
	                fints.segments.message.HNSHK4( # Signaturkopf, version 4
	                    header = fints.formals.SegmentHeader('HNSHK', 2, 4), # Segmentkopf
	                    security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
	                            security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
	                            security_method_version = 1, # Version des Sicherheitsverfahrens
	                        ),
	                    security_function = '999', # Sicherheitsfunktion, kodiert
	                    security_reference = '7835602', # Sicherheitskontrollreferenz
	                    security_application_area = fints.formals.SecurityApplicationArea.SHM, # Bereich der Sicherheitsapplikation, kodiert: Signaturkopf und HBCI-Nutzdaten
	                    security_role = fints.formals.SecurityRole.ISS, # Rolle des Sicherheitslieferanten, kodiert: Erfasser, Erstsignatur
	                    security_identification_details = fints.formals.SecurityIdentificationDetails( # Sicherheitsidentifikation, Details
	                            identified_role = fints.formals.IdentifiedRole.MS, # Message Sender
	                            cid = None,
	                            identifier = '000003PF18PG4C3RRPFB2NON53UQ3K',
	                        ),
	                    security_reference_number = 1, # Sicherheitsreferenznummer
	                    security_datetime = fints.formals.SecurityDateTime( # Sicherheitsdatum und -uhrzeit
	                            date_time_type = fints.formals.DateTimeType.STS, # Sicherheitszeitstempel
	                            date = datetime.date(2019, 12, 22),
	                            time = datetime.time(20, 16, 35, 285354),
	                        ),
	                    hash_algorithm = fints.formals.HashAlgorithm( # Hashalgorithmus
	                            usage_hash = '1',
	                            hash_algorithm = '999',
	                            algorithm_parameter_name = '1',
	                        ),
	                    signature_algorithm = fints.formals.SignatureAlgorithm( # Signaturalgorithmus
	                            usage_signature = '6',
	                            signature_algorithm = '10',
	                            operation_mode = '16',
	                        ),
	                    key_name = fints.formals.KeyName( # Schlüsselname
	                            bank_identifier = fints.formals.BankIdentifier(
	                                    country_identifier = '280',
	                                    bank_code = '76030080',
	                                ),
	                            user_id = ACCOUNTID,
	                            key_type = fints.formals.KeyType.S, # Schlüsselart: Signierschlüssel
	                            key_number = 0,
	                            key_version = 0,
	                        ),
	                ),
	                fints.segments.dialog.HKEND1( # Dialogende, version 1
	                    header = fints.formals.SegmentHeader('HKEND', 3, 1), # Segmentkopf
	                    dialog_id = '000003PF18OOKL2PME9FH225D7Q3JL', # Dialog-ID
	                ),
	                fints.segments.message.HNSHA2( # Signaturabschluss, version 2
	                    header = fints.formals.SegmentHeader('HNSHA', 4, 2), # Segmentkopf
	                    security_reference = '7835602', # Sicherheitskontrollreferenz
	                    user_defined_signature = fints.formals.UserDefinedSignature( # Benutzerdefinierte Signatur
	                            pin = '***',
	                        ),
	                ),
	            ]),
	    ),
	    fints.segments.message.HNHBS1( # Nachrichtenabschluss
	        header = fints.formals.SegmentHeader('HNHBS', 5, 1), # Segmentkopf
	        message_number = 2, # Nachrichtennummer
	    ),
	])

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): brokerage-hbci.consorsbank.de:443
DEBUG:urllib3.connectionpool:https://brokerage-hbci.consorsbank.de:443 "POST /hbci HTTP/1.1" 200 None
DEBUG:fints.connection:Received <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
	fints.message.FinTSInstituteMessage([
	    fints.segments.message.HNHBK3( # Nachrichtenkopf
	        header = fints.formals.SegmentHeader('HNHBK', 1, 3), # Segmentkopf
	        message_size = 312, # Größe der Nachricht (nach Verschlüsselung und Komprimierung)
	        hbci_version = 300, # HBCI-Version
	        dialog_id = '000003PF18OOKL2PME9FH225D7Q3JL', # Dialog-ID
	        message_number = 2, # Nachrichtennummer
	        reference_message = fints.formals.ReferenceMessage( # Bezugsnachricht
	                dialog_id = '000003PF18OOKL2PME9FH225D7Q3JL',
	                message_number = 2,
	            ),
	    ),
	    fints.segments.message.HNVSK3( # Verschlüsselungskopf, version 3
	        header = fints.formals.SegmentHeader('HNVSK', 998, 3), # Segmentkopf
	        security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
	                security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
	                security_method_version = 1, # Version des Sicherheitsverfahrens
	            ),
	        security_function = '998', # Sicherheitsfunktion, kodiert
	        security_role = fints.formals.SecurityRole.ISS, # Rolle des Sicherheitslieferanten, kodiert: Erfasser, Erstsignatur
	        security_identification_details = fints.formals.SecurityIdentificationDetails( # Sicherheitsidentifikation, Details
	                identified_role = fints.formals.IdentifiedRole.MR, # Message Receiver
	                cid = None,
	                identifier = '000003PF18PG4C3RRPFB2NON53UQ3K',
	            ),
	        security_datetime = fints.formals.SecurityDateTime( # Sicherheitsdatum und -uhrzeit
	                date_time_type = fints.formals.DateTimeType.STS, # Sicherheitszeitstempel
	            ),
	        encryption_algorithm = fints.formals.EncryptionAlgorithm( # Verschlüsselungsalgorithmus
	                usage_encryption = fints.formals.UsageEncryption.OSY, # Owner Symmetric
	                operation_mode = fints.formals.OperationMode.CBC, # Cipher Block Chaining
	                encryption_algorithm = fints.formals.EncryptionAlgorithmCoded.TWOKEY3DES, # 2-Key-Triple-DES
	                algorithm_parameter_value = b'\x00\x00\x00\x00\x00\x00\x00\x00',
	                algorithm_parameter_name = fints.formals.AlgorithmParameterName.KYP, # Symmetrischer Schlüssel, verschlüsselt mit öffentlichem Schlüssel
	                algorithm_parameter_iv_name = fints.formals.AlgorithmParameterIVName.IVC, # Initialization value, clear text
	            ),
	        key_name = fints.formals.KeyName( # Schlüsselname
	                bank_identifier = fints.formals.BankIdentifier(
	                        country_identifier = '280',
	                        bank_code = '76030080',
	                    ),
	                user_id = ACCOUNTID,
	                key_type = fints.formals.KeyType.V, # Schlüsselart: Chiffrierschlüssel
	                key_number = 0,
	                key_version = 0,
	            ),
	        compression_function = fints.formals.CompressionFunction.NULL, # Komprimierungsfunktion: Keine Kompression
	    ),
	    fints.segments.message.HNVSD1( # Verschlüsselte Daten, version 1
	        header = fints.formals.SegmentHeader('HNVSD', 999, 1), # Segmentkopf
	        data = fints.types.SegmentSequence([ # Daten, verschlüsselt
	                fints.segments.dialog.HIRMG2( # Rückmeldungen zur Gesamtnachricht
	                    header = fints.formals.SegmentHeader('HIRMG', 2, 2), # Segmentkopf
	                    responses = [ # Rückmeldung
	                                fints.formals.Response( # Rückmeldung
	                                    code = '0100',
	                                    reference_element = None,
	                                    text = 'Der Dialog wurde beendet.',
	                                ),
	                        ],
	                ),
	                fints.segments.dialog.HIRMS2( # Rückmeldungen zu Segmenten
	                    header = fints.formals.SegmentHeader('HIRMS', 3, 2, 3), # Segmentkopf
	                    responses = [ # Rückmeldung
	                                fints.formals.Response( # Rückmeldung
	                                    code = '0020',
	                                    reference_element = None,
	                                    text = 'Abgemeldet.',
	                                ),
	                        ],
	                ),
	            ]),
	    ),
	    fints.segments.message.HNHBS1( # Nachrichtenabschluss
	        header = fints.formals.SegmentHeader('HNHBS', 4, 1), # Segmentkopf
	        message_number = 2, # Nachrichtennummer
	    ),
	])

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

DEBUG:fints.connection:Sending >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
	fints.message.FinTSCustomerMessage([
	    fints.segments.message.HNHBK3( # Nachrichtenkopf
	        header = fints.formals.SegmentHeader('HNHBK', 1, 3), # Segmentkopf
	        message_size = 496, # Größe der Nachricht (nach Verschlüsselung und Komprimierung)
	        hbci_version = 300, # HBCI-Version
	        dialog_id = '0', # Dialog-ID
	        message_number = 1, # Nachrichtennummer
	    ),
	    fints.segments.message.HNVSK3( # Verschlüsselungskopf, version 3
	        header = fints.formals.SegmentHeader('HNVSK', 998, 3), # Segmentkopf
	        security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
	                security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
	                security_method_version = 2, # Version des Sicherheitsverfahrens
	            ),
	        security_function = '998', # Sicherheitsfunktion, kodiert
	        security_role = fints.formals.SecurityRole.ISS, # Rolle des Sicherheitslieferanten, kodiert: Erfasser, Erstsignatur
	        security_identification_details = fints.formals.SecurityIdentificationDetails( # Sicherheitsidentifikation, Details
	                identified_role = fints.formals.IdentifiedRole.MS, # Message Sender
	                cid = None,
	                identifier = '000003PF18PG4C3RRPFB2NON53UQ3K',
	            ),
	        security_datetime = fints.formals.SecurityDateTime( # Sicherheitsdatum und -uhrzeit
	                date_time_type = fints.formals.DateTimeType.STS, # Sicherheitszeitstempel
	                date = datetime.date(2019, 12, 22),
	                time = datetime.time(20, 16, 35, 556284),
	            ),
	        encryption_algorithm = fints.formals.EncryptionAlgorithm( # Verschlüsselungsalgorithmus
	                usage_encryption = fints.formals.UsageEncryption.OSY, # Owner Symmetric
	                operation_mode = fints.formals.OperationMode.CBC, # Cipher Block Chaining
	                encryption_algorithm = fints.formals.EncryptionAlgorithmCoded.TWOKEY3DES, # 2-Key-Triple-DES
	                algorithm_parameter_value = b'\x00\x00\x00\x00\x00\x00\x00\x00',
	                algorithm_parameter_name = fints.formals.AlgorithmParameterName.KYE, # Symmetrischer Schlüssel, verschlüsselt mit symmetrischem Schlüssel
	                algorithm_parameter_iv_name = fints.formals.AlgorithmParameterIVName.IVC, # Initialization value, clear text
	            ),
	        key_name = fints.formals.KeyName( # Schlüsselname
	                bank_identifier = fints.formals.BankIdentifier(
	                        country_identifier = '280',
	                        bank_code = '76030080',
	                    ),
	                user_id = ACCOUNTID,
	                key_type = fints.formals.KeyType.V, # Schlüsselart: Chiffrierschlüssel
	                key_number = 0,
	                key_version = 0,
	            ),
	        compression_function = fints.formals.CompressionFunction.NULL, # Komprimierungsfunktion: Keine Kompression
	    ),
	    fints.segments.message.HNVSD1( # Verschlüsselte Daten, version 1
	        header = fints.formals.SegmentHeader('HNVSD', 999, 1), # Segmentkopf
	        data = fints.types.SegmentSequence([ # Daten, verschlüsselt
	                fints.segments.message.HNSHK4( # Signaturkopf, version 4
	                    header = fints.formals.SegmentHeader('HNSHK', 2, 4), # Segmentkopf
	                    security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
	                            security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
	                            security_method_version = 1, # Version des Sicherheitsverfahrens
	                        ),
	                    security_function = '900', # Sicherheitsfunktion, kodiert
	                    security_reference = '1977795', # Sicherheitskontrollreferenz
	                    security_application_area = fints.formals.SecurityApplicationArea.SHM, # Bereich der Sicherheitsapplikation, kodiert: Signaturkopf und HBCI-Nutzdaten
	                    security_role = fints.formals.SecurityRole.ISS, # Rolle des Sicherheitslieferanten, kodiert: Erfasser, Erstsignatur
	                    security_identification_details = fints.formals.SecurityIdentificationDetails( # Sicherheitsidentifikation, Details
	                            identified_role = fints.formals.IdentifiedRole.MS, # Message Sender
	                            cid = None,
	                            identifier = '000003PF18PG4C3RRPFB2NON53UQ3K',
	                        ),
	                    security_reference_number = 1, # Sicherheitsreferenznummer
	                    security_datetime = fints.formals.SecurityDateTime( # Sicherheitsdatum und -uhrzeit
	                            date_time_type = fints.formals.DateTimeType.STS, # Sicherheitszeitstempel
	                            date = datetime.date(2019, 12, 22),
	                            time = datetime.time(20, 16, 35, 555454),
	                        ),
	                    hash_algorithm = fints.formals.HashAlgorithm( # Hashalgorithmus
	                            usage_hash = '1',
	                            hash_algorithm = '999',
	                            algorithm_parameter_name = '1',
	                        ),
	                    signature_algorithm = fints.formals.SignatureAlgorithm( # Signaturalgorithmus
	                            usage_signature = '6',
	                            signature_algorithm = '10',
	                            operation_mode = '16',
	                        ),
	                    key_name = fints.formals.KeyName( # Schlüsselname
	                            bank_identifier = fints.formals.BankIdentifier(
	                                    country_identifier = '280',
	                                    bank_code = '76030080',
	                                ),
	                            user_id = ACCOUNTID,
	                            key_type = fints.formals.KeyType.S, # Schlüsselart: Signierschlüssel
	                            key_number = 0,
	                            key_version = 0,
	                        ),
	                ),
	                fints.segments.auth.HKIDN2( # Identifikation, version 2
	                    header = fints.formals.SegmentHeader('HKIDN', 3, 2), # Segmentkopf
	                    bank_identifier = fints.formals.BankIdentifier( # Kreditinstitutskennung
	                            country_identifier = '280',
	                            bank_code = '76030080',
	                        ),
	                    customer_id = ACCOUNTID, # Kunden-ID
	                    system_id = '000003PF18PG4C3RRPFB2NON53UQ3K', # Kundensystem-ID
	                    system_id_status = fints.formals.SystemIDStatus.ID_NECESSARY, # Kundensystem-Status: Kundensystem-ID wird benötigt
	                ),
	                fints.segments.auth.HKVVB3( # Verarbeitungsvorbereitung, version 3
	                    header = fints.formals.SegmentHeader('HKVVB', 4, 3), # Segmentkopf
	                    bpd_version = 1, # BPD-Version
	                    upd_version = 0, # UPD-Version
	                    language = fints.formals.Language2.DE, # Dialogsprache: Deutsch, 'de', Subset Deutsch, Codeset 1 (Latin 1)
	                    product_name = 'DC333D745719C4BD6A6F9DB6A', # Produktbezeichnung
	                    product_version = '3.0.0', # Produktversion
	                ),
	                fints.segments.auth.HKTAN6( # Zwei-Schritt-TAN-Einreichung, version 6
	                    header = fints.formals.SegmentHeader('HKTAN', 5, 6), # Segmentkopf
	                    tan_process = '4', # TAN-Prozess
	                    segment_type = 'HKIDN', # Segmentkennung
	                    parameter_challenge_class = fints.formals.ParameterChallengeClass( # Parameter Challenge-Klasse
	                            parameters = [
	                                    None,
	                                    # 8 empty items skipped
	                                ],
	                        ),
	                ),
	                fints.segments.message.HNSHA2( # Signaturabschluss, version 2
	                    header = fints.formals.SegmentHeader('HNSHA', 6, 2), # Segmentkopf
	                    security_reference = '1977795', # Sicherheitskontrollreferenz
	                    user_defined_signature = fints.formals.UserDefinedSignature( # Benutzerdefinierte Signatur
	                            pin = '***',
	                        ),
	                ),
	            ]),
	    ),
	    fints.segments.message.HNHBS1( # Nachrichtenabschluss
	        header = fints.formals.SegmentHeader('HNHBS', 7, 1), # Segmentkopf
	        message_number = 1, # Nachrichtennummer
	    ),
	])

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): brokerage-hbci.consorsbank.de:443
DEBUG:urllib3.connectionpool:https://brokerage-hbci.consorsbank.de:443 "POST /hbci HTTP/1.1" 200 None
DEBUG:fints.connection:Received <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
	fints.message.FinTSInstituteMessage([
	    fints.segments.message.HNHBK3( # Nachrichtenkopf
	        header = fints.formals.SegmentHeader('HNHBK', 1, 3), # Segmentkopf
	        message_size = 211, # Größe der Nachricht (nach Verschlüsselung und Komprimierung)
	        hbci_version = 300, # HBCI-Version
	        dialog_id = '000003PF18QPG8989E84DQOTM8A6JH', # Dialog-ID
	        message_number = 1, # Nachrichtennummer
	        reference_message = fints.formals.ReferenceMessage( # Bezugsnachricht
	                dialog_id = '000003PF18QPG8989E84DQOTM8A6JH',
	                message_number = 1,
	            ),
	    ),
	    fints.segments.dialog.HIRMG2( # Rückmeldungen zur Gesamtnachricht
	        header = fints.formals.SegmentHeader('HIRMG', 2, 2), # Segmentkopf
	        responses = [ # Rückmeldung
	                    fints.formals.Response( # Rückmeldung
	                        code = '9800',
	                        reference_element = None,
	                        text = 'Der Dialog wurde abgebrochen.',
	                    ),
	                    fints.formals.Response( # Rückmeldung
	                        code = '9010',
	                        reference_element = None,
	                        text = 'Ungültiger Signaturaufbau: Fehler im Segmentaufbau.',
	                    ),
	            ],
	    ),
	    fints.segments.message.HNHBS1( # Nachrichtenabschluss
	        header = fints.formals.SegmentHeader('HNHBS', 3, 1), # Segmentkopf
	        message_number = 1, # Nachrichtennummer
	    ),
	])

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Traceback (most recent call last):
  File "testscript.py", line 37, in <module>
    with f:
  File "/home/sonic/devel/projects/pynab-converter/venv/lib/python3.8/site-packages/fints/client.py", line 251, in __enter__
    self._standing_dialog.__enter__()
  File "/home/sonic/devel/projects/pynab-converter/venv/lib/python3.8/site-packages/fints/dialog.py", line 37, in __enter__
    self.init()
  File "/home/sonic/devel/projects/pynab-converter/venv/lib/python3.8/site-packages/fints/dialog.py", line 85, in init
    retval = self.send(*segments, internal_send=True)
  File "/home/sonic/devel/projects/pynab-converter/venv/lib/python3.8/site-packages/fints/dialog.py", line 156, in send
    self.client.process_response_message(self, response, internal_send=internal_send)
  File "/home/sonic/devel/projects/pynab-converter/venv/lib/python3.8/site-packages/fints/client.py", line 230, in process_response_message
    self._process_response(dialog, None, response)
  File "/home/sonic/devel/projects/pynab-converter/venv/lib/python3.8/site-packages/fints/client.py", line 1284, in _process_response
    raise FinTSClientError("Error during dialog initialization, could not fetch BPD. Please check that you "
fints.exceptions.FinTSClientError: Error during dialog initialization, could not fetch BPD. Please check that you passed the correct bank identifier to the HBCI URL of the correct bank.

[raphaelm]

The relevant log line is

Ungültiger Signaturaufbau: Fehler im Segmentaufbau.

But nothing looks wrong about the segments 🤔

[WolfgangKramer]

Your Log output:
fints.segments.message.HNSHK4( # Signaturkopf, version 4
header = fints.formals.SegmentHeader('HNSHK', 2, 4), # Segmentkopf
security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil
security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren
security_method_version = 1, # Version des Sicherheitsverfahrens

Change field security_method_version. It must be 2 in all messages using two-step-procedure .according to document

[raphaelm]

Can you cite which document exactly?

[WolfgangKramer]

ZKA Document :
https://www.hbci-zka.de/dokumente/spezifikation_deutsch/fintsv3/FinTS_3.0_Security_Sicherheitsverfahren_PINTAN_2018-02-23_final_version.pdf

Page 58:
B.9.1 DEG „Sicherheitsprofil“
Sicherheitsverfahren, Code „PIN“ : bei allen Nachrichten
Version des Sicherheitsverfahrens:
„1“ : bei allen Nachrichten, wenn Dialog im Einschritt-Verfahren
„2“ : bei allen Nachrichten, wenn Dialog im Zwei-Schritt-Verfahren

Last message received from the bank contains no challenge of TAN-input due to the wrong setting security_method_version=1.
First customer message (synchronisation) works with security_method_version=1, because CONSORS don't request "strong authenfication" in this case

[maxiimilian]

How can we use this to fix the issue? I am willing to help but I have almost no knowledge of how FinTS or this library work. I played around with my pycharm debugger inside the client.py file to force the client to use PinTanDummyEncryptionMechanism(2), i.e. security version 2, in every case. This did not yield any improvement. My init_tan_response is always None so I looked up how it is filled in dialog.py. It turns out that get_tan_mechanisms() for Consorsbank always returns None because self.bpd.segments is only an empty list. Here is where I hit a wall. I looked up how SegmentSequence objects are defined which is the type of bpd but I cannot find out where it should have been populated.

It seems, Consorsbank does not send any information on 1) that it requires a TAN and 2) which TAN methods they support. Maybe they do not implement the API correctly. However, Banking4A on Android is able to connect to Consorsbank after requesting a TAN. It should be possible somehow but their code is not accessible: https://subsembly.com/fints-api.html...

Could someone try pointing me into the correct direction? I can try to do the legwork.

[PetePriority]

It also works with Hibiscus / hcbi4java. Here are my logs for fetching transactions:

0} Synchronizing Account: Lohn/Gehalt/Rente Privat, IBAN <REDACTED> [BNP Paribas...eutschland]
HNHBK:1:3+000000000497+300+0+1'HNVSK:998:3+PIN:2+998+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1:20191009:143115+2:2:13:@8@��������:5:1+280:76030080:<REDACTED>:V:0:0+0'HNVSD:999:1+@303@HNSHK:2:4+PIN:2+900+1217806788+1+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1+1:20191009:143115+1:999:1+6:10:16+280:76030080:<REDACTED>:S:0:0'HKIDN:3:2+280:76030080+<REDACTED>+000003TGFQ2N83NP5R5MFEJ6L690RB+1'HKVVB:4:3+1+0+1+A44C2953982351617D475443E+2.8'HKTAN:5:6+4+HKIDN++++N'HNSHA:6:2+1217806788++<REDACTED>''HNHBS:7:1+1'
HNHBK:1:3+000000000585+300+000003TGG22D2H2GTFGEKCFCE90JGQ+1+000003TGG22D2H2GTFGEKCFCE90JGQ:1'HIRMG:2:2:+0010::Die Nachricht wurde entgegengenommen.'HIRMS:3:2:3+0030::Auftrag empfangen - Sicherheitsfreigabe erforderlich.+0901::PIN gültig.'HIRMS:4:2:4+0020::Informationen fehlerfrei entgegengenommen.+3920::Zugelassene Ein- und Zwei-Schritt-Verfahren für den Benutzer:900'HITAN:5:6:5+4++000003TGG22D2H2GTFGEKCFCE90JGQvb+Bitte TAN eingeben.'HNHBS:6:1+1'
HNHBK:1:3+000000000452+300+000003TGG22D2H2GTFGEKCFCE90JGQ+2'HNVSK:998:3+PIN:2+998+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1:20191009:143127+2:2:13:@8@��������:5:1+280:76030080:<REDACTED>:V:0:0+0'HNVSD:999:1+@229@HNSHK:2:4+PIN:2+900+1851964325+1+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1+1:20191009:143116+1:999:1+6:10:16+280:76030080:<REDACTED>:S:0:0'HKTAN:3:6+2+HKIDN+++000003TGG22D2H2GTFGEKCFCE90JGQvb+N'HNSHA:4:2+1851964325++<REDACTED>:07377448''HNHBS:5:1+2'
HNHBK:1:3+000000002373+300+000003TGG22D2H2GTFGEKCFCE90JGQ+2+000003TGG22D2H2GTFGEKCFCE90JGQ:2'HIRMG:2:2:+3060::Teilweise liegen Warnungen/Hinweise vor.'HIRMS:3:2:3+0020::Angemeldet.+3050::BPD nicht mehr aktuell. Aktuelle Version folgt.+3050::UPD nicht mehr aktuell. Aktuelle Version folgt.+3920::Zugelassene Ein- und Zwei-Schritt-Verfahren für den Benutzer:900'HITAN:4:6:3+2++000003TGG22D2H2GTFGEKCFCE90JGQvb'HIBPA:5:3:3+1+280:76030080+Consors+0+1:2+201:210:220:300:400+100'HIKOM:6:4:3+280:76030080+1+3:https?://brokerage-hbci.consorsbank.de/hbci::MIM:1'HISPAS:7:1:3+1+1+0+J:J:J:urn?:iso?:std?:iso?:20022?:tech?:xsd?:pain.001.002.03:urn?:swift?:xsd?:$pain.001.002.02:sepade.pain.001.001.02.xsd:urn?:iso?:std?:iso?:20022?:tech?:xsd?:pain.008.002.02:urn?:swift?:xsd?:$pain.008.002.01:sepade.pain.008.001.01.xsd'HIKAZS:8:7:3+1+1+0+30:J:N'HISALS:9:3:3+1+1'HIKAZS:10:6:3+1+1+1+90:J:N'HICCSS:11:1:3+1+1+0'HIKAZS:12:5:3+1+1+90:J:N'HIKAZS:13:4:3+1+1+90:J'XIADAS:14:1:3+1+1'HIKAZS:15:3:3+1+1+90:J'HITANS:16:6:3+1+1+0+N:N:1:900:2:MS1.0.0:photoTAN::SecurePlus:8:1:Secure Plus TAN:999:J:1:N:0:0:N:J:00:0:J:1'HIWPDS:17:2:3+1+1+J'HIWPDS:18:6:3+1+1+0+J:J:J'HIWPDS:19:5:3+1+1+J:J:J'HIPROS:20:4:3+1+1+0'HIWPDS:21:4:3+1+1+J:J:J'HIPROS:22:3:3+1+1'HIWPDS:23:3:3+1+1+J'XIADSS:24:1:3+1+1'HISALS:25:4:3+1+1'HISALS:26:5:3+1+1'HISALS:27:6:3+1+1+0'HIPINS:28:1:3+1+1+0+:::::HKSPA:N:HKKAZ:J:HKSAL:J:HKCCS:J:XKADA:N:HKTAN:N:HKWPD:N:HKPRO:N:XKADS:N'HIUPA:29:4:3+<REDACTED>+0+0+<REDACTED>'HIUPD:30:6:3+<REDACTED>::280:76030080++<REDACTED>++EUR+<REDACTED>++Depot++HKWPD:1+HKPRO:1'HIUPD:31:6:3+<REDACTED>::280:76030080+DE65760300800<REDACTED>+<REDACTED>++EUR+<REDACTED>++Lohn/Gehalt/Rente Privat++HKCCS:1+HKKAZ:1+HKSPA:1+HKSAL:1+HKPRO:1'HIUPD:32:6:3+<REDACTED>::280:76030080+DE74760300800<REDACTED>+<REDACTED>++EUR+<REDACTED>++Kontokorrentkonto Privat++HKCCS:1+HKKAZ:1+HKSPA:1+HKSAL:1+HKPRO:1'HIUPD:33:6:3+<REDACTED>::280:76030080+DE05760300800<REDACTED>+<REDACTED>++EUR+<REDACTED>++Tagesgeldkonto++HKCCS:1+HKKAZ:1+HKSPA:1+HKSAL:1+HKPRO:1'HIUPD:34:6:3+<REDACTED>::280:76030080+DE80760300800<REDACTED>+<REDACTED>++EUR+<REDACTED>++Lohn/Gehalt/Rente Privat++HKCCS:1+HKKAZ:1+HKSPA:1+HKSAL:1+HKPRO:1'HNHBS:35:1+2'
HNHBK:1:3+000000000442+300+000003TGG22D2H2GTFGEKCFCE90JGQ+3'HNVSK:998:3+PIN:2+998+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1:20191009:143128+2:2:13:@8@��������:5:1+280:76030080:<REDACTED>:V:0:0+0'HNVSD:999:1+@219@k:2:4+PIN:2+900+1949792619+1+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1+1:20191009:143128+1:999:1+6:10:16+280:76030080:<REDACTED>:S:0:0'HKSAL:3:6+<REDACTED>::280:76030080+N'HKTAN:4:6+4+HKSAL'HNSHA:5:2+1949792619++<REDACTED>''HNHBS:6:1+3'
HNHBK:1:3+000000000542+300+000003TGG22D2H2GTFGEKCFCE90JGQ+3+000003TGG22D2H2GTFGEKCFCE90JGQ:3'HIRMG:2:2:+3060::Teilweise liegen Warnungen/Hinweise vor.'HIRMS:3:2:3+0020::Der Auftrag wurde ausgeführt.+3076::Keine starke Authentifizierung erforderlich.'HISAL:4:6:3+<REDACTED>::280:76030080+Lohn/Gehalt/Rente Privat+EUR+C:<REDACTED>:EUR:20191008++3800,:EUR+10035,16:EUR'HITAN:5:6:4+4++noref+nochallenge'HNHBS:6:1+3'
HNHBK:1:3+000000000477+300+000003TGG22D2H2GTFGEKCFCE90JGQ+4'HNVSK:998:3+PIN:2+998+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1:20191009:143128+2:2:13:@8@��������:5:1+280:76030080:<REDACTED>:V:0:0+0'HNVSD:999:1+@254@HNSHK:2:4+PIN:2+900+1641636270+1+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1+1:20191009:143128+1:999:1+6:10:16+280:76030080:<REDACTED>:S:0:0'HKKAZ:3:7+DE65760300800<REDACTED>:CSDBDE71XXX:<REDACTED>::280:76030080+N'HKTAN:4:6+4+HKKAZ'HNSHA:5:2+1641636270++<REDACTED>''HNHBS:6:1+4'
HNHBK:1:3+000000022038+300+000003TGG22D2H2GTFGEKCFCE90JGQ+4+000003TGG22D2H2GTFGEKCFCE90JGQ:4'HIRMG:2:2:+3060::Teilweise liegen Warnungen/Hinweise vor.'HIRMS:3:2:3+0020::Der Auftrag wurde ausgeführt.+3076::Keine starke Authentifizierung erforderlich.'HIKAZ:4:7:3+@21586@
<TRANSACTIONS>
-'HITAN:5:6:4+4++noref+nochallenge'HNHBS:6:1+4'
HNHBK:1:3+000000000429+300+000003TGG22D2H2GTFGEKCFCE90JGQ+5'HNVSK:998:3+PIN:2+998+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1:20191009:143129+2:2:13:@8@��������:5:1+280:76030080:<REDACTED>:V:0:0+0'HNVSD:999:1+@206@HNSHK:2:4+PIN:2+900+1547567324+1+1+1::000003TGFQ2N83NP5R5MFEJ6L690RB+1+1:20191009:143129+1:999:1+6:10:16+280:76030080:<REDACTED>:S:0:0'HKEND:3:1+000003TGG22D2H2GTFGEKCFCE90JGQ'HNSHA:4:2+1547567324++<REDACTED>''HNHBS:5:1+5'
HNHBK:1:3+000000000312+300+000003TGG22D2H2GTFGEKCFCE90JGQ+5+000003TGG22D2H2GTFGEKCFCE90JGQ:5'HIRMG:2:2:+0100::Der Dialog wurde beendet.'HIRMS:3:2:3+0020::Abgemeldet.'HNHBS:4:1+5'

In all messages the security version is 2: HNSHK:2:4+PIN:2.

I also got hcbi4java's sample script UmsatzAbrufPinTan.java to work. If you're interested, here's a run-down of what I did:

1. Fill in USER, BLZ, and PIN
2. Modify the MyHBCICallback class to handle NEED_PT_TAN and NEED_PT_SECMECH. I did something like this:

            case NEED_PT_SECMECH:
                String code = "900";
                retData.replace(0, retData.length(), code);
                break;
            case NEED_PT_TAN:
                String flicker = retData.toString();
                if (flicker != null && flicker.length() > 0) {
                    throw new RuntimeException("Not implemented");
                } else {
                    // Ist smsTAN, iTAN, o.ae.
                    // Dialog zur TAN-Eingabe anzeigen mit dem Text aus "msg".
                    Scanner input = new Scanner(System.in);
                    System.out.println(msg);
                    String tan = input.next();
                    System.out.println("Got TAN: " + tan);
                    retData.replace(0, retData.length(), tan);
                    input.close();
                }
                break;

3. Getting the accounts with passport.getAccounts() doesn't always work. Sometimes the IBAN and BIC are not properly transmitted and/or parsed. Instead, fill them in manually, e.g.,

            Konto[] konten = passport.getAccounts();
            if (konten == null || konten.length == 0)
                error("Keine Konten ermittelbar");
            Konto k = konten[0];
            for (Konto konto:konten) {
                if (konto.number.equals("<KONTONUMMER>")) {
                    k = konto;
                    if (k.iban == null || k.bic == null) {
                        k.iban = "<IBAN>";
                        k.bic = "<BIC>";
                    }
                    break;
                }
            }
            if (k.iban == null) {
                throw new RuntimeException("Nope");
            }

[FHantke]

Hello,

I tried to modify the code in such a way that the secure method matches the hbci4java method:

# client.py
def fetch_tan_mechanisms(self):
    self.set_tan_mechanism('900')

# security.py
def sign_prepare(self, message: FinTSMessage):
    _now = datetime.datetime.now()
    rand = random.SystemRandom()
   
    self.pending_signature = HNSHK4(
    security_profile=SecurityProfile(SecurityMethod.PIN, 2),
    ...

As a response from Consorbank I receive:

fints.formals.Response( # Rückmeldung
    code = '9075',
    reference_element = None,
    text = 'Starke Authentifizierung erforderlich.',
)

In the FinTS Specs they say:
"Unterstützt ein Kreditinstitut die starke Kundenauthentifizierung mithilfe von HKTANab #6, so sollte ein Kundenprodukt in die Segmentfolge der Dialoginitialisierung grundlegend ein HKTAN-Segmentab #6 einstellen, um ggf. einen Rückmeldungscode 3075 bzw. 9075 zu vermeiden"

However, in client.py I found the comment "Implementing HKTAN#6 implies support for Strong Customer Authentication (SCA) which may require TANs for many more operations including dialog initialization. We do not currently support that."

My question is, does it mean that SCA/HKTAN#6 is not supported yet?
As I see it, Consorbank requires SCA for further requests, correct me, if I'm wrong.

I hope it helps solving the issue.

[maxbethke]

Your Log output:
fints.segments.message.HNSHK4( # Signaturkopf, version 4 header = fints.formals.SegmentHeader('HNSHK', 2, 4), # Segmentkopf security_profile = fints.formals.SecurityProfile( # Sicherheitsprofil security_method = fints.formals.SecurityMethod.PIN, # Sicherheitsverfahren security_method_version = 1, # Version des Sicherheitsverfahrens

Change field security_method_version. It must be 2 in all messages using two-step-procedure .according to document

How do you change this field?

[WolfgangKramer]

Each use of class HNSHK4 (SiganturKopf.) in messages must use class SecurityProfile with security_method_version = 2

e.g. security_profile=SecurityProfile(SecurityMethod.PIN, 2),

 class HNSHK4(FinTS3Segment):
    """Signaturkopf, version 4

  Source: FinTS Financial Transaction Services, Sicherheitsverfahren HBCI"""
  security_profile = DataElementGroupField(type=SecurityProfile, _d="Sicherheitsprofil")
  security_function = DataElementField(type='code', max_length=3, _d="Sicherheitsfunktion, kodiert")
  security_reference = DataElementField(type='an', max_length=14, _d="Sicherheitskontrollreferenz")
  security_application_area = CodeField(SecurityApplicationArea, max_length=3, _d="Bereich der Sicherheitsapplikation, kodiert")
  security_role = CodeField(SecurityRole, max_length=3, _d="Rolle des Sicherheitslieferanten, kodiert")
  security_identification_details = DataElementGroupField(type=SecurityIdentificationDetails, _d="Sicherheitsidentifikation, Details")
  security_reference_number = DataElementField(type='num', max_length=16, _d="Sicherheitsreferenznummer")
  security_datetime = DataElementGroupField(type=SecurityDateTime, _d="Sicherheitsdatum und -uhrzeit")
  hash_algorithm = DataElementGroupField(type=HashAlgorithm, _d="Hashalgorithmus")
  signature_algorithm = DataElementGroupField(type=SignatureAlgorithm, _d="Signaturalgorithmus")
  key_name = DataElementGroupField(type=KeyName, _d="Schlüsselname")
  certificate = DataElementGroupField(type=Certificate, required=False, _d="Zertifikat")

In FinTS you find setting of security_method_version=1 in module security.py / class PinTanAuthenticationMechanism.
I don't know if there are any side-effects if you change this line. In my project I used it this way - but I don't use batch-processing.

security_profile=SecurityProfile(SecurityMethod.PIN, 2)

Each message must contain a HKTAN6 segment, if BPD Data (Bankdata) announces a TAN challenge to use HKKAZ, HKWPD, HKSAL, ....

class PinTanAuthenticationMechanism(AuthenticationMechanism):
    def __init__(self, pin):
        self.pin = pin
        self.pending_signature = None
        self.security_function = None

    def sign_prepare(self, message: FinTSMessage):
        _now = datetime.datetime.now()
        rand = random.SystemRandom()

        self.pending_signature = HNSHK4(
        security_profile=SecurityProfile(SecurityMethod.PIN, 1),
        ............

[BerndDaBread]

I also got this problem, I tried the above but same output

[c4711]

Hi.
I have the same problem connecting to Consors as initially described by Pete. Is there a known workaround for this problem?
I was wondering about the log file which also contains this paragraph:
fints.segments.dialog.HIRMS2( # Rückmeldungen zu Segmenten header = fints.formals.SegmentHeader('HIRMS', 3, 2, 3), # Segmentkopf responses = [ # Rückmeldung fints.formals.Response( # Rückmeldung code = '0020', reference_element = None, text = 'Abgemeldet.', ), ], ),
Isn't this causing the problem? So that the relevant log line described by raphaelm (Ungültiger Signaturaufbau: Fehler im Segmentaufbau.) above is just a consequence as the bank already ended the dialog and logged out the user?
Best regards, Christian.