feat(settings): module-owned settings screen with change password, biometrics, and autofill

app/build.gradle.kts

@@ -10,6 +10,8 @@ plugins {
     alias(libs.plugins.koin.compiler)
     alias(libs.plugins.git.semantic.versioning)
     alias(libs.plugins.google.protobuf)
+
+    alias(libs.plugins.mikepenz.aboutlibraries)
 }
 
 versioning {
@@ -97,10 +99,11 @@ dependencies {
     implementation(libs.koin.androidx.compose)
     implementation(libs.koin.annotations)
 
+    implementation(libs.aboutlibraries.compose.m3)
+
     implementation(projects.rust)
     implementation(projects.core.item)
     implementation(projects.core.identity)
-    implementation(projects.core.security)
     implementation(projects.core.ui)
     implementation(projects.feature.auth)
     implementation(projects.feature.listScreen)
@@ -112,6 +115,7 @@ dependencies {
     implementation(projects.feature.totp)
     implementation(projects.feature.creditCard)
     implementation(projects.feature.autofill)
+    implementation(projects.feature.settings)
     implementation(projects.migrationCreateAccess)
 
     implementation(libs.androidx.core.ktx)

app/src/main/kotlin/de/davis/keygo/app/presentation/AppDestinations.kt

@@ -8,9 +8,11 @@ import androidx.compose.material.icons.filled.Settings
 import androidx.compose.ui.graphics.vector.ImageVector
 import de.davis.keygo.R
 import de.davis.keygo.core.presentation.model.RouteDestination
+import de.davis.keygo.core.ui.RouteDestination as UiRouteDestination
+import de.davis.keygo.feature.settings.presentation.SettingsGraphRoute
 
 enum class AppDestinations(
-    val route: RouteDestination,
+    val route: UiRouteDestination,
     @StringRes val label: Int,
     val icon: ImageVector,
     @StringRes val contentDescription: Int
@@ -23,7 +25,7 @@ enum class AppDestinations(
         R.string.connectivity
     ),
     SETTINGS(
-        RouteDestination.Settings,
+        SettingsGraphRoute,
         R.string.settings,
         Icons.Default.Settings,
         R.string.settings

app/src/main/kotlin/de/davis/keygo/app/presentation/MainActivity.kt

@@ -3,6 +3,8 @@ package de.davis.keygo.app.presentation
 import android.os.Bundle
 import androidx.activity.compose.setContent
 import androidx.activity.enableEdgeToEdge
+import androidx.compose.foundation.layout.fillMaxSize
+import androidx.compose.material3.Scaffold
 import androidx.compose.material3.SnackbarHost
 import androidx.compose.material3.SnackbarHostState
 import androidx.compose.material3.Text
@@ -14,6 +16,7 @@ import androidx.compose.runtime.CompositionLocalProvider
 import androidx.compose.runtime.getValue
 import androidx.compose.runtime.remember
 import androidx.compose.runtime.rememberCoroutineScope
+import androidx.compose.ui.Modifier
 import androidx.compose.ui.tooling.preview.Preview
 import androidx.compose.ui.tooling.preview.Wallpapers
 import androidx.fragment.app.FragmentActivity
@@ -25,6 +28,8 @@ import androidx.navigation.compose.currentBackStackEntryAsState
 import androidx.navigation.compose.dialog
 import androidx.navigation.compose.rememberNavController
 import androidx.navigation.navigation
+import com.mikepenz.aboutlibraries.ui.compose.android.produceLibraries
+import com.mikepenz.aboutlibraries.ui.compose.m3.LibrariesContainer
 import de.davis.keygo.app.presentation.component.KeyGoNavigationWrapper
 import de.davis.keygo.core.presentation.model.RouteDestination
 import de.davis.keygo.core.ui.theme.KeyGoTheme
@@ -35,6 +40,8 @@ import de.davis.keygo.dashboard.presentation.DetailType
 import de.davis.keygo.dashboard.presentation.dashboardGraph
 import de.davis.keygo.feature.auth.presentation.AuthRoute
 import de.davis.keygo.feature.auth.presentation.authGraph
+import de.davis.keygo.feature.settings.presentation.ChangePasswordRoute
+import de.davis.keygo.feature.settings.presentation.settingsGraph
 import de.davis.keygo.item.dialog.SelectItemContent
 import kotlinx.coroutines.launch
 import org.koin.compose.koinInject
@@ -155,11 +162,27 @@ private fun App() {
                     dashboardGraph(listNavigator = listNavigator)
                 }
 
+                settingsGraph(
+                    onOpenChangePassword = { navController.navigate(ChangePasswordRoute) },
+                    onShowLibraries = { navController.navigate(RouteDestination.Libraries) },
+                    onUp = { navController.navigateUp() },
+                )
+
                 composable<RouteDestination.Connectivity> {
                     Text("CONNECTIVITY")
                 }
-                composable<RouteDestination.Settings> {
-                    Text("SETTINGS")
+            }
+
+            composable<RouteDestination.Libraries> {
+                Scaffold(
+                    modifier = Modifier.fillMaxSize()
+                ) { innerPadding ->
+                    val libs by produceLibraries()
+                    LibrariesContainer(
+                        libraries = libs,
+                        modifier = Modifier.fillMaxSize(),
+                        contentPadding = innerPadding
+                    )
                 }
             }
         }

app/src/main/kotlin/de/davis/keygo/app/presentation/component/NavigationWrapper.kt

@@ -99,7 +99,7 @@ import de.davis.keygo.R
 import de.davis.keygo.app.presentation.AppDestinations
 import de.davis.keygo.core.item.generated.domain.model.VaultItemType
 import de.davis.keygo.core.item.generated.presentation.presentation
-import de.davis.keygo.core.presentation.model.RouteDestination
+import de.davis.keygo.core.ui.RouteDestination
 import kotlinx.coroutines.launch
 import kotlin.math.roundToInt
 import de.davis.keygo.core.ui.R as CoreUiR

app/src/main/kotlin/de/davis/keygo/core/presentation/model/RouteDestination.kt

@@ -1,10 +1,11 @@
 package de.davis.keygo.core.presentation.model
 
+import de.davis.keygo.core.ui.RouteDestination as UiRouteDestination
 import kotlinx.serialization.Serializable
 
-sealed interface RouteDestination {
+sealed interface RouteDestination : UiRouteDestination {
 
-    val graphDest: RouteDestination
+    override val graphDest: RouteDestination
         get() = this
 
     @Serializable
@@ -32,8 +33,8 @@ sealed interface RouteDestination {
     }
 
     @Serializable
-    data object Settings : RouteDestination {
+    data object Libraries : RouteDestination {
         override val graphDest: RouteDestination
-            get() = Settings
+            get() = Libraries
     }
 }

build.gradle.kts

@@ -10,4 +10,5 @@ plugins {
     alias(libs.plugins.google.ksp) apply false
     alias(libs.plugins.google.protobuf) apply false
     alias(libs.plugins.kotlin.jvm) apply false
+    alias(libs.plugins.mikepenz.aboutlibraries) apply false
 }

core/identity/build.gradle.kts

@@ -12,7 +12,7 @@ android {
 }
 
 dependencies {
-    implementation(projects.core.security)
+    api(projects.core.security)
     implementation(projects.core.item)
     implementation(projects.rust)
 

core/identity/src/main/kotlin/de/davis/keygo/core/identity/data/repository/AccountRepositoryImpl.kt

@@ -8,16 +8,19 @@ import de.davis.keygo.core.identity.di.annotation.AccountRegistryQualifier
 import de.davis.keygo.core.identity.domain.model.Account
 import de.davis.keygo.core.identity.domain.repository.AccountRepository
 import de.davis.keygo.core.util.Result
-import kotlinx.coroutines.flow.first
+import kotlinx.coroutines.flow.Flow
+import kotlinx.coroutines.flow.firstOrNull
+import kotlinx.coroutines.flow.map
 import org.koin.core.annotation.Single
 
 @Single
 internal class AccountRepositoryImpl(
     @param:AccountRegistryQualifier
     private val dataStore: DataStore<ProtoAccountState>,
 ) : AccountRepository {
+    override fun observe(): Flow<Account?> = dataStore.data.map { it.toDomain() }
 
-    override suspend fun getOrNull(): Account? = dataStore.data.first().toDomain()
+    override suspend fun getOrNull(): Account? = observe().firstOrNull()
 
     override suspend fun set(account: Account): Result<Unit, Unit> = runCatching {
         dataStore.updateData { account.toProto() }

core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/model/BiometricEnrollmentError.kt

@@ -0,0 +1,10 @@
+package de.davis.keygo.core.identity.domain.model
+
+import de.davis.keygo.core.security.domain.model.BiometricAuthError
+
+sealed interface BiometricEnrollmentError {
+    data object NoActiveAccount : BiometricEnrollmentError
+    data object WrappingFailed : BiometricEnrollmentError
+    data object PersistenceFailed : BiometricEnrollmentError
+    data class BiometricFailed(val error: BiometricAuthError) : BiometricEnrollmentError
+}

core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/model/ChangePasswordError.kt

@@ -0,0 +1,11 @@
+package de.davis.keygo.core.identity.domain.model
+
+sealed interface ChangePasswordError {
+
+    data object ActiveAccountNotFound : ChangePasswordError
+    data object IncorrectPassword : ChangePasswordError
+    data object BiometricNotEnrolled : ChangePasswordError
+    data object KeyDerivationFailed : ChangePasswordError
+    data object WrappingFailed : ChangePasswordError
+    data object PersistenceFailed : ChangePasswordError
+}

core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/model/Reauthentication.kt

@@ -0,0 +1,8 @@
+package de.davis.keygo.core.identity.domain.model
+
+sealed interface Reauthentication {
+
+    data class Password(val currentPassword: String) : Reauthentication
+
+    class Biometric(val recoveredArk: ByteArray) : Reauthentication
+}

core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/repository/AccountRepository.kt

@@ -2,6 +2,7 @@ package de.davis.keygo.core.identity.domain.repository
 
 import de.davis.keygo.core.identity.domain.model.Account
 import de.davis.keygo.core.util.Result
+import kotlinx.coroutines.flow.Flow
 
 /**
  * Persists account identity metadata and associated cryptographic key-wrapping data.
@@ -18,6 +19,12 @@ import de.davis.keygo.core.util.Result
  */
 interface AccountRepository {
 
+    /**
+     * Emits the currently active account (or null) and re-emits whenever the
+     * backing registry changes.
+     */
+    fun observe(): Flow<Account?>
+
     /**
      * Returns the currently active account, or null if no account is registered.
      */

core/identity/src/main/kotlin/de/davis/keygo/core/identity/domain/usecase/ChangePasswordUseCase.kt

@@ -0,0 +1,101 @@
+package de.davis.keygo.core.identity.domain.usecase
+
+import de.davis.keygo.core.identity.domain.model.ChangePasswordError
+import de.davis.keygo.core.identity.domain.model.PasswordWrappedArk
+import de.davis.keygo.core.identity.domain.model.Reauthentication
+import de.davis.keygo.core.identity.domain.repository.AccountRepository
+import de.davis.keygo.core.util.Result
+import de.davis.keygo.core.util.resultBinding
+import de.davis.keygo.rust.derive.KeyDeriver
+import de.davis.keygo.rust.derive.deriveRootKekFromPasswordWithResult
+import de.davis.keygo.rust.wrap.KeyWrapper
+import de.davis.keygo.rust.wrap.unwrapAccountRootKeyWithResult
+import de.davis.keygo.rust.wrap.wrapAccountRootKeyWithResult
+import de.davisalessandro.keygo.rust.WrappedKeyBlob
+import org.koin.core.annotation.Single
+
+@Single
+class ChangePasswordUseCase(
+    private val accountRepository: AccountRepository,
+    private val keyDeriver: KeyDeriver,
+    private val keyWrapper: KeyWrapper,
+) {
+
+    suspend operator fun invoke(
+        reauthentication: Reauthentication,
+        newPassword: String,
+    ): Result<Unit, ChangePasswordError> = try {
+        changePassword(reauthentication, newPassword)
+    } finally {
+        // We take ownership of the caller-supplied ARK: never leave a copy behind,
+        // even when an early validation bails out or re-wrapping fails part-way.
+        if (reauthentication is Reauthentication.Biometric) reauthentication.recoveredArk.fill(0)
+    }
+
+    private suspend fun changePassword(
+        reauthentication: Reauthentication,
+        newPassword: String,
+    ): Result<Unit, ChangePasswordError> = resultBinding {
+        val account = accountRepository.getOrNull()
+            ?: return Result.Failure(ChangePasswordError.ActiveAccountNotFound)
+
+        val ark = when (reauthentication) {
+            is Reauthentication.Password -> {
+                val kek = keyDeriver.deriveRootKekFromPasswordWithResult(
+                    password = reauthentication.currentPassword,
+                    salt = account.passwordWrappedArk.salt,
+                ).bind { ChangePasswordError.KeyDerivationFailed }
+
+                try {
+                    keyWrapper.unwrapAccountRootKeyWithResult(
+                        kek = kek,
+                        wrapped = WrappedKeyBlob(
+                            ciphertext = account.passwordWrappedArk.key,
+                            nonce = account.passwordWrappedArk.keyIV,
+                        ),
+                        userId = account.id,
+                    ).bind { ChangePasswordError.IncorrectPassword }
+                } finally {
+                    kek.fill(0)
+                }
+            }
+
+            is Reauthentication.Biometric -> {
+                account.biometricWrappedArk
+                    ?: return Result.Failure(ChangePasswordError.BiometricNotEnrolled)
+                reauthentication.recoveredArk
+            }
+        }
+
+        try {
+            val newSalt = keyDeriver.generateSalt()
+            val newKek = keyDeriver.deriveRootKekFromPasswordWithResult(
+                password = newPassword,
+                salt = newSalt,
+            ).bind { ChangePasswordError.KeyDerivationFailed }
+
+            val rewrapped = try {
+                keyWrapper.wrapAccountRootKeyWithResult(
+                    kek = newKek,
+                    ark = ark,
+                    userId = account.id,
+                ).bind { ChangePasswordError.WrappingFailed }
+            } finally {
+                newKek.fill(0)
+            }
+
+            accountRepository.set(
+                account.copy(
+                    passwordWrappedArk = PasswordWrappedArk(
+                        key = rewrapped.ciphertext,
+                        keyIV = rewrapped.nonce,
+                        salt = newSalt,
+                    ),
+                ),
+            ).bind { ChangePasswordError.PersistenceFailed }
+        } finally {
+            // Scrub the in-memory ARK on success *and* on every failure path after unwrap.
+            ark.fill(0)
+        }
+    }
+}

core/identity/src/main/kotlin/de/davis/keygo/core/identity/presentation/BiometricEnrollmentAdapter.kt

@@ -0,0 +1,19 @@
+package de.davis.keygo.core.identity.presentation
+
+import de.davis.keygo.core.identity.domain.model.BiometricEnrollmentError
+import de.davis.keygo.core.security.domain.model.BiometricPolicy
+import de.davis.keygo.core.security.presentation.BiometricCryptoController
+import de.davis.keygo.core.util.Result
+
+interface BiometricEnrollmentAdapter {
+
+    suspend fun BiometricCryptoController.requestEnableBiometric(
+        policy: BiometricPolicy = BiometricPolicy.Default
+    ): Result<Unit, BiometricEnrollmentError>
+
+    suspend fun disableBiometric(): Result<Unit, BiometricEnrollmentError>
+}
+
+inline fun BiometricEnrollmentAdapter.useEnrollmentAdapter(
+    block: BiometricEnrollmentAdapter.() -> Result<Unit, BiometricEnrollmentError>,
+): Result<Unit, BiometricEnrollmentError> = with(this) { block() }