canokeys / canokey-stm32 Goto Github PK

View Code? Open in Web Editor NEW

160.0 8.0 28.0 18.67 MB

An open-source USB security token powered by STM32

License: Apache License 2.0

CMake 0.01% C 97.33% Assembly 2.64% Shell 0.01% Python 0.01%

canokey-stm32's Introduction

CanoKey on STM32

CanoKey is an open-source USB/NFC security token, providing the following functions:

OpenPGP Card V3.4 (RSA, ECDSA, ED25519 supported)
PIV Card
TOTP / HOTP (RFC6238 / RFC4226)
U2F
FIDO2 (WebAuthn)

It works on modern Linux/Windows/macOS operating systems without additional driver required.

THERE IS ABSOLUTELY NO SECURITY ASSURANCE OR WARRANTY USING THE STM32 VERSION.

ANYONE WITH PHYSICAL ACCESS CAN RETRIEVE ANY DATA (INCLUDING SECRET KEYS) FROM THE KEY.

IT IS ALSO PRONE TO SIDE-CHANNEL ATTACKS.

YOU MUST USE IT AT YOUR OWN RISK.

A SECURE VERSION CAN BE FOUND AT https://canokeys.org

Hardware

This CanoKey-STM32 implementation is based on STM32L432KC MCU, which features a Cortex-M4 processor, 256KiB Flash, 64 KiB SRAM, and a full-speed USB controller.

CanoKey NFC-A

This official hardware design features a USB Type-A plug, NFC antenna and touch sensing. It's an open-source hardware design. Schematics and PCB design files are published at canokey-hardware.

NUCLEO-L432KC (Development Board)

For demonstration purposes, you may run this project on the NUCLEO-L432KC development board with the following hardware connection:

D2 (PA12) <-> USB D+
D10 (PA11) <-> USB D-
GND <-> USB GND

Then connect the micro USB on NUCLEO to PC for powering and firmware downloading.

The micro USB port on board connects to ST-LINK. Do not confuse it with USB signal pins of MCU.

The NFC and touch sensing functions are unavailable on NUCLEO board.

Build and test

Build the Firmware

Prerequisites:

CMake >= 3.6
GNU ARM Embedded Toolchain, downloaded from ARM
git (used to generate embedding version string)

Build steps:

# clone this repo and all the submodules
# in the top-level folder
mkdir build
cd build
cmake -DCROSS_COMPILE=<path-to-toolchain>/bin/arm-none-eabi- \
    -DCMAKE_TOOLCHAIN_FILE=../toolchain.cmake \
    -DCMAKE_BUILD_TYPE=Release ..
make canokey.bin

Then download the firmware file canokey.bin to the STM32 with flash programming tools (e.g., ST-Link Utility if you use the NUCLEO-L432KC, or the dfu-util, or the WebDFU).

Initialize and Test

Prerequisites:

Linux OS with pcscd, pcsc_scan and scriptor installed

Connect the CanoKey to PC, an USB CCID device should show up. The pcsc_scan command should be able to detect a smart card:

$ pcsc_scan
Using reader plug'n play mechanism
Scanning present readers...
0: Canokeys [OpenPGP PIV OATH] (00000000) 00 00
 
Sat Jan 22 20:26:49 2022
 Reader 0: Canokeys [OpenPGP PIV OATH] (00000000) 00 00
  Event number: 0
  Card state: Card inserted, 
  ATR: 3B F7 11 00 00 81 31 FE 65 43 61 6E 6F 6B 65 79 99

ATR: 3B F7 11 00 00 81 31 FE 65 43 61 6E 6F 6B 65 79 99
+ TS = 3B --> Direct Convention
+ T0 = F7, Y(1): 1111, K: 7 (historical bytes)
  TA(1) = 11 --> Fi=372, Di=1, 372 cycles/ETU
    10752 bits/s at 4 MHz, fMax for Fi = 5 MHz => 13440 bits/s
  TB(1) = 00 --> VPP is not electrically connected
  TC(1) = 00 --> Extra guard time: 0
  TD(1) = 81 --> Y(i+1) = 1000, Protocol T = 1 
-----
  TD(2) = 31 --> Y(i+1) = 0011, Protocol T = 1 
-----
  TA(3) = FE --> IFSC: 254
  TB(3) = 65 --> Block Waiting Integer: 6 - Character Waiting Integer: 5
+ Historical bytes: 43 61 6E 6F 6B 65 79
  Category indicator byte: 43 (proprietary format)
+ TCK = 99 (correct checksum)

Possibly identified card (using /home/zhang/.cache/smartcard_list.txt):
3B F7 11 00 00 81 31 FE 65 43 61 6E 6F 6B 65 79 99
        Canokey (Other)
        http://canokeys.org/

Then, initialize the CanoKey by running device-config-init.sh. This script will login as admin with default PIN 123456, set device serial number to current Unix timestamp, configure the NFC AFE chip (if presents), then write an attestation certificate used by FIDO. Refer to admin doc if you want to customize these steps.

$ cd utils
$ ./device-config-init.sh 'Canokeys [OpenPGP PIV OATH] (00000000) 00 00'
Reader name: Canokeys [OpenPGP PIV OATH] (00000000) 00 00
Using given card reader: Canokeys [OpenPGP PIV OATH] (00000000) 00 00
Using T=1 protocol
Reading commands from STDIN
> 00 A4 04 00 05 F0 00 00 00 00 
< 90 00 : Normal processing.
> 00 20 00 00 06 31 32 33 34 35 36 
< 90 00 : Normal processing.
> 00 FF 01 01 09 03 B0 05 72 03 00 B3 99 00 
< 6F 00 : No precise diagnosis.
> 00 FF 01 01 03 03 91 00 
< 90 00 : Normal processing.
> 00 FF 01 01 06 03 A0 44 00 04 20 
< 6F 00 : No precise diagnosis.
> 00 30 00 00 04 61 eb fc 55
< 90 00 : Normal processing.
> 00 01 00 00 20 cc d3 ee 4d ea 2a 3c ca d8 ce 3d 6a 47 f5 45 9c 80 79 7a d9 15 d6 f4 62 8b 5d 36 ef f2 76 d6 87
< 90 00 : Normal processing.
> 00 02 00 00 00 02 7b 30 82 02 77 30 82 01 5f a0 03 02 01 02 02 01 0d 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 31 31 2f 30 2d 06 03 55 04 03 0c 26 43 61 6e 6f 4b 65 79 73 20 46 49 44 4f 20 41 74 74 65 73 74 61 74 69 6f 6e 20 52 6f 6f 74 20 43 41 20 4e 6f 2e 31 30 1e 17 0d 32 30 30 37 31 35 30 31 35 35 30 30 5a 17 0d 33 30 30 34 31 34 30 31 35 35 30 30 5a 30 66 31 20 30 1e 06 03 55 04 03 0c 17 43 61 6e 6f 4b 65 79 20 53 65 72 69 61 6c 20 30 30 31 31 34 35 31 34 31 22 30 20 06 03 55 04 0b 0c 19 41 75 74 68 65 6e 74 69 63 61 74 6f 72 20 41 74 74 65 73 74 61 74 69 6f 6e 31 11 30 0f 06 03 55 04 0a 0c 08 43 61 6e 6f 4b 65 79 73 31 0b 30 09 06 03 55 04 06 13 02 43 4e 30 59 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 42 00 04 06 5c 77 8f 90 f3 5b 30 fc 64 c0 ff db 6a ea 64 bb c7 bd c5 63 89 01 60 96 c2 6d ac 83 cf 54 63 47 07 d0 57 72 e2 55 06 4a 55 c4 00 c7 d3 67 32 4a b6 26 82 e3 58 22 06 1e b9 9a 52 2c 97 54 99 a3 30 30 2e 30 09 06 03 55 1d 13 04 02 30 00 30 21 06 0b 2b 06 01 04 01 82 e5 1c 01 01 04 04 12 00 00 24 4e b2 9e e0 90 4e 49 81 fe 1f 20 f8 d3 b8 f4 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 40 e1 20 47 e0 53 70 85 8c 1b db 55 db a6 8b 1e 4c a3 9a c6 e4 54 b5 d9 e9 35 65 04 7a c8 0a 3e 9a 9f 61 79 ec 86 d4 e5 87 20 a3 4b 1c 60 21 98 71 a4 6d c4 a4 5a 22 bd f4 aa c4 0a c4 b1 c3 5d ad 4c 1f 52 a0 ec 22 0c 53 38 54 57 55 2b 83 a6 71 9a ad 1d 03 1e a6 30 87 f7 17 d1 53 86 96 88 17 6d 14 4e 9e d5 b9 f2 50 38 5a 86 c6 75 50 fa 42 f9 1d ec 3d 03 35 13 d4 fc 20 fc 44 e4 86 cd a2 21 99 a6 1b 42 23 fe 56 36 6b 2c ed 45 39 fc 47 32 bb 25 92 08 fb 0f e6 c3 2f 14 3c 87 af f5 11 36 3a fc 5a 62 19 dd b3 b6 e4 b7 88 e3 7f 31 b6 a3 8a 24 79 10 1b 16 e0 ec 87 23 0c 48 b4 33 2a 9b 8c 78 fd 1e 91 fe 45 e6 eb 32 22 eb 91 72 0d e5 f2 1f 52 52 bf e7 5a 61 7b f7 15 c4 4b 01 48 8b 40 35 4e 39 8c 80 5c a7 99 df c6 4c 27 75 43 cd 1f 96 8d a1 f2 2c 9e a5 d1 ea 87 41 64 02
< 90 00 : Normal processing.

After initialization, you are free to use CanoKey with applications, such as:

GPG, e.g. gpg --card-status
SSH with pkcs11, e.g. ssh -I /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so user@host
piv-tool
Websites with U2F enabled, e.g., https://github.com/settings/security
Websites with WebAuthn enabled, e.g., https://webauthn.me/
CanoKey Web Console: https://console.canokeys.org/

Internals

The hardware-independent code (including applets, storage, cryptography and USB stack) is in a submodule named canokey-core.

Major hardware-dependent components in this repo:

Drivers: STM32 HAL Drivers
Src/device.c: Hardware operations called by canokey-core
Src/lfs_init.c: Flash operations used by file system
Src/main.c: Hardware initialization
Src/usbd_conf.c: USB interface
Src/retarget.c: Glue logic between printf and UART
Src/admin_vendor.c: Vendor-specific commands implementation

Documentation

Check out our official documentation.

License

All software, unless otherwise noted, is licensed under Apache 2.0.

Unless you explicitly state, otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license without any additional terms or conditions.

All hardware, unless otherwise noted, is dual licensed under CERN and CC-BY-SA. You may use CanoKey hardware under the terms of either the CERN 1.2 license or CC-BY-SA 4.0 license.

All documentation, unless otherwise noted, is licensed under CC-BY-SA. You may use CanoKey documentation under the terms of the CC-BY-SA 4.0 license

canokey-stm32's People

Contributors

Stargazers

Watchers

canokey-stm32's Issues

Question: can canokey be ran on other stm32 chips

Can I run canokey firmware on the STM32F103T8U6 or would I have to modify the firmware in some way to do so?

device-config-init.sh reports `Command not allowed. Security status not satisfied.` against v2.3 tag

$ ./device-config-init.sh 'Canokeys Canokey [OpenPGP PIV OATH] (00000000) 00 00'
Reader name: Canokeys Canokey [OpenPGP PIV OATH] (00000000) 00 00
Using given card reader: Canokeys Canokey [OpenPGP PIV OATH] (00000000) 00 00
Using T=1 protocol
Reading commands from STDIN
> 00 A4 04 00 05 F0 00 00 00 00 
< 90 00 : Normal processing.
> 00 20 00 00 06 31 31 31 31 31 31 
< 63 C2 : State of non-volatile memory changed. Counter: 0x2
> 00 FF 01 01 09 03 B0 05 72 03 00 B3 99 00 
< 69 82 : Command not allowed. Security status not satisfied.
> 00 FF 01 01 03 03 91 00 
< 69 82 : Command not allowed. Security status not satisfied.
> 00 FF 01 01 06 03 A0 44 00 04 20 
< 69 82 : Command not allowed. Security status not satisfied.
> 00 30 00 00 04 61 eb f8 8e 
< 69 82 : Command not allowed. Security status not satisfied.
> 00 01 00 00 20 46 5b 44 5d 8e 78 34 53 f7 4b 90 00 d2 20 32 51 99 5e 12 dc d1 21 a1 9c ea 09 5a fc f8 e9 eb 75
< 69 82 : Command not allowed. Security status not satisfied.
> 00 02 00 00 00 02 7b 30 82 02 77 30 82 01 5f a0 03 02 01 02 02 01 15 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 31 31 2f 30 2d 06 03 55 04 03 0c 26 43 61 6e 6f 4b 65 79 73 20 46 49 44 4f 20 41 74 74 65 73 74 61 74 69 6f 6e 20 52 6f 6f 74 20 43 41 20 4e 6f 2e 31 30 1e 17 0d 32 31 31 30 32 37 31 36 33 31 31 39 5a 17 0d 33 31 30 37 32 37 31 36 33 31 31 39 5a 30 66 31 20 30 1e 06 03 55 04 03 0c 17 43 61 6e 6f 4b 65 79 20 53 65 72 69 61 6c 20 31 31 31 31 31 31 31 31 31 22 30 20 06 03 55 04 0b 0c 19 41 75 74 68 65 6e 74 69 63 61 74 6f 72 20 41 74 74 65 73 74 61 74 69 6f 6e 31 11 30 0f 06 03 55 04 0a 0c 08 43 61 6e 6f 4b 65 79 73 31 0b 30 09 06 03 55 04 06 13 02 43 4e 30 59 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 42 00 04 2c 11 4a 50 45 41 4a 6b 22 8c 0c c4 f7 7a 18 fc 5d 1c 6e 97 54 e7 af 94 72 44 fe c7 60 7c ed 5a c8 a0 3a 74 e3 80 86 b1 b5 f2 d7 2e 5d 2a cf 51 77 38 2e 2f 60 76 e5 25 e7 9a 92 a5 a1 a6 0b 2c a3 30 30 2e 30 09 06 03 55 1d 13 04 02 30 00 30 21 06 0b 2b 06 01 04 01 82 e5 1c 01 01 04 04 12 04 10 24 4e b2 9e e0 90 4e 49 81 fe 1f 20 f8 d3 b8 f4 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 7c 28 27 67 06 65 d6 31 78 da e8 9e c0 ac 93 c1 b5 d2 56 af f6 1d 0b 01 5d c1 1a 04 f5 c2 f7 00 9b ac f6 af e0 c9 23 93 b4 9f e0 7e b1 22 d8 be 0f a8 9d 32 5f 53 78 e4 11 90 b2 58 a1 0c 0f 0d 07 68 db ea 4e b5 0c ff 7e 7a 93 80 cc 51 a0 6d 49 1b 28 34 57 b5 cd f0 c3 1c 32 9e cb 5a 9d 32 44 d0 6b 9a 7b 7b 56 fe 6f ac b7 a8 51 55 57 39 5d e2 0e ba dd e8 25 64 72 9f 88 fc 93 1b ff 62 3e f2 d3 1c 6f d4 f7 be fc ea 51 86 bd ff 78 da ef 92 3b c2 3e e5 5c b9 3c 4c f2 ff 09 f8 77 a7 2d 87 7e 8d 3a 08 a2 ec 1d f4 5c b9 7c 8b 86 da c0 fb 5b b9 22 80 19 18 31 e4 69 a2 92 a4 7e 83 75 d0 60 5d 7d 41 9c bf 56 74 cb 6a c4 48 96 8c 8a 63 df e2 1c af 49 b9 3d af 29 86 0a 7a c7 8c 4e 73 05 a9 8d 1d b4 d4 33 6c 0b 64 af 3a b1 e1 b7 29 de 3b e6 6b db f2 59 a4 60 4c 68 72 47 7a
< 69 82 : Command not allowed. Security status not satisfied.

Question: can this run without nfc and touch sensing and if so how?

I’m creating my own usb security key for personal experimentation with the stm32 ecosystem and I was wondering do I need the nfc antenna and touch sensing for the authentication part to work or should I rework my pcb to include button input

to support building in windows

for vscode + mingw64 + git + cmake:

we may change the toolchain.cmake

option(CROSS_COMPILE "Path to cross compiler" /usr/bin/arm-none-eabi-)

set(triple arm-none-eabi)
set(CMAKE_SYSTEM_NAME Generic)
SET(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)

if (CMAKE_HOST_WIN32)
    set (SUFFIX .exe)
else()
    set (SUFFIX "")
endif()

set(CMAKE_C_COMPILER "${CROSS_COMPILE}gcc${SUFFIX}")
set(CMAKE_C_COMPILER_TARGET ${triple})
set(CMAKE_CXX_COMPILER "${CROSS_COMPILE}g++${SUFFIX}")
set(CMAKE_CXX_COMPILER_TARGET ${triple})
set(CMAKE_ASM_COMPILER "${CROSS_COMPILE}gcc${SUFFIX}")
set(CMAKE_ASM_COMPILER_TARGET ${triple})

and launch the cmake with

# in Git Bash Shell (vscode)
WIN1024@DESKTOP-EEO63ML MINGW64 /e/Canokey/canokey-stm32/build (master)

$ cmake \
    -G "MinGW Makefiles" 
    -DCROSS_COMPILE=/d/armgcc10/bin/arm-none-eabi- \
    -DCMAKE_TOOLCHAIN_FILE=../toolchain.cmake \
    -DCMAKE_BUILD_TYPE=Release ..

$ make -j4

Can canokey be ran on other chips in the stm32 ecosystem

Can I run canokey firmware on the STM32F103T8U6 or would I have to modify the firmware in some way to do so?

卡内生成 25519 密钥失败

输出：

+ echo -e 'admin\nkey-attr\n2\n1\n2\n1\n2\n1\n'
+ gpg --command-fd 0 --yes --expert --edit-card

Reader ...........: Kingtrust Multi-Reader
Application ID ...: D2760001240103048086001145140000
Application type .: OpenPGP
Version ..........: 3.4
Manufacturer .....: unknown
Serial number ....: 00114514
Name of cardholder: [not set]
Language prefs ...: [not set]
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

Admin commands are allowed

Changing card key attribute for: Signature key
Please select what kind of key you want:
   (1) RSA
   (2) ECC
Please select which elliptic curve you want:
   (1) Curve 25519
   (3) NIST P-256
   (4) NIST P-384
   (5) NIST P-521
   (6) Brainpool P-256
   (7) Brainpool P-384
   (8) Brainpool P-512
   (9) secp256k1
The card will now be re-configured to generate a key of type: ed25519
Note: There is no guarantee that the card supports the requested size.
      If the key generation does not succeed, please check the
      documentation of your card to see what sizes are allowed.
Changing card key attribute for: Encryption key
Please select what kind of key you want:
   (1) RSA
   (2) ECC
Please select which elliptic curve you want:
   (1) Curve 25519
   (3) NIST P-256
   (4) NIST P-384
   (5) NIST P-521
   (6) Brainpool P-256
   (7) Brainpool P-384
   (8) Brainpool P-512
   (9) secp256k1
The card will now be re-configured to generate a key of type: cv25519
Changing card key attribute for: Authentication key
Please select what kind of key you want:
   (1) RSA
   (2) ECC
Please select which elliptic curve you want:
   (1) Curve 25519
   (3) NIST P-256
   (4) NIST P-384
   (5) NIST P-521
   (6) Brainpool P-256
   (7) Brainpool P-384
   (8) Brainpool P-512
   (9) secp256k1
The card will now be re-configured to generate a key of type: ed25519


Reader ...........: Kingtrust Multi-Reader
Application ID ...: D2760001240103048086001145140000
Application type .: OpenPGP
Version ..........: 3.4
Manufacturer .....: unknown
Serial number ....: 00114514
Name of cardholder: [not set]
Language prefs ...: [not set]
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: ed25519 cv25519 ed25519
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

+ Addcardkey 1
+ echo -e 'addcardkey\n1\n0\nsave\n'
+ gpg --command-fd 0 --yes --expert --edit-key D98CE1F96F954396
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa2048/D98CE1F96F954396
     created: 2020-05-28  expires: never       usage: SCEA
     trust: ultimate      validity: ultimate
ssb  rsa2048/7C8668C751BA54C2
     created: 2020-05-28  expires: never       usage: SEA
ssb  rsa2048/DCF3DCAB0EFE1D16
     created: 2020-05-28  expires: never       usage: S
     card-no: 8086 00114514
ssb  rsa2048/F1750C70A50E7251
     created: 2020-05-28  expires: never       usage: E
     card-no: 8086 00114514
[ultimate] (1). Someone <[email protected]>

Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]

Please select the type of key to generate:
   (1) Signature key
   (2) Encryption key
   (3) Authentication key
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key does not expire at all
gpg: Key generation failed: File exists

Key not changed so no update needed.

GPG 调试信息：

gpg: DBG: chan_4 -> SCD GENKEY --timestamp=20200528T140952 --force 1
gpg: DBG: chan_4 <- S KEY-CREATED-AT 1590674992
gpg: DBG: chan_4 <- S KEY-DATA q 400000000000000000000000000000000000000000000000000000000000000000
gpg: DBG: chan_4 <- S KEY-DATA curve 092B06010401DA470F01
gpg: DBG: chan_4 <- S KEY-FPR B2047119D0E3C80CA028B49D7126FD65F6A88F05
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> RESET
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> READKEY --card OPENPGP.1
gpg: DBG: chan_4 <- ERR 67141667 File exists <GPG Agent>
gpg: Key generation failed: File exists
gpg: DBG: chan_4 -> SCD SETATTR CHV-STATUS-1 %00
gpg: DBG: chan_4 <- OK

ManagementKey. What it is?

Good day.
In the service "CanoKey Web Console", when trying to enter OpenPGP, a ManagementKey is required.
What it is? How do you recognize him? How can I change it?
In the JS code of the page, APDU commands were found to change it, their execution was unsuccessful .......

current git head fails to run on Nucleo L432 board

Using the firmware built from v2.3 tag works just fine (I only tried gpg2 --card-status). However, the git head today fails to run. It fails with

[ 3640.279755] usb 3-3.1: new full-speed USB device number 69 using xhci_hcd
[ 3640.293110] usb 3-3.1: unable to read config index 0 descriptor/start: -61
[ 3640.293119] usb 3-3.1: can't read configurations, error -61
[ 3640.471751] usb 3-3.1: new full-speed USB device number 70 using xhci_hcd
[ 3640.485040] usb 3-3.1: unable to read config index 0 descriptor/start: -61
[ 3640.485047] usb 3-3.1: can't read configurations, error -61
[ 3640.485125] usb 3-3-port1: unable to enumerate USB device

I guess it's caused by the following commit 8cd894a

HAL vs LL

Good day.
What is the point of creating a project on HAL, and then use the call from LL. Isn't it better to use one? Why produce libraries in the project .......

Добрый день.
Какой смысл в создание проекта на HAL, а затем использовать вызов из LL. Разве не лучше использовать что-то одно? Зачем плодить библиотеки в проекте .......