Element-android: KitKat support

We may consider to support only API 21+ as it represents currently 99% of the number of installations of the current Riot (not X) installation.
For the sake of security and also to simplified developement (ex: by allowing usage of attribute in drawables)

Also: https://twitter.com/minsdkversion :)

What I've put into #94 worked for me back in March on a 4.4 device.

We may consider to support only API 21+ as it represents currently 99% of the number of installations of the current Riot (not X) installation.

That might be due to a catch-22. I know I haven't pushed some kitkat users to Matrix because I was finding the Riot Android too poor for them. The kitkat marketshare might be bigger in the less-tech-savvy that Riot hasn't reached yet. Well, that's an hypothesis, but I don't see that specific reason as being a valid one.

Edit: I've pushed Kitkat users to lineageos instead. Here comes Android 10 :)

I would prefer it, if Android 4.4 support could be restored for now, as SailfishOS and its Android emulation only supports 4.4 (aside from the XA2 releases, which are out of beta since only about a week). There are multiple projects implementing matrix clients for Sailfish, but they are not quite ready yet, so RiotX support for at least the next year or so would be preferable.

(The Android emulation on Sailfish supports TLS1.2 since the latest update)

Thanks that Riot was fixed to run again on Android 4.4, please do not consider to replace it with an app with which you and I can't communicate anymore.
The number of installations will increase over time, number of supported platforms and hasslefree
operation.
Concering TSL1.2 support in kitkat, the issue seems to be partly addressable
https://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/
https://medium.com/tech-quizlet/working-with-tls-1-2-on-android-4-4-and-lower-f4f5205629a

Should we change okhttp:3.14.1 with 3.12.5? If not I think we should update minSdkVersion to 21.

Kitkat supposed 6.9% of Android devices at May 2019, according to Google Play stats:
https://developer.android.com/about/dashboards

FYI, the exchange okhttp:3.14.1 with 3.12.5 builds in android studio and runs on kitkat Galaxy S3,
after an internediate crash during initial sync, on second run.

I have an Amazon Fire Phone so I'm stuck with Android KitKat and am unable to upgrade it to a newer version. RiotX crashes on KitKat.
Maybe I should get a new phone, but phones cost quite a bit of money and I'm young and have no job. I guess I should blame my dad for buying me a stupid Amazon Fire Phone instead of a Nexus phone, for example.

Today's stats:

So KitKat is still installed on 4% of devices using the Google PlayStore.

Stats for current Riot-Android application:

So 0.82% of active installation is on a device running Android KitKat and less.

I assume as a compromise, the best decision to take is to use OkHttp 3.13 until end of december 2020 and migrate to the latest version in January 2021 and drop support to KitKat at this date (so set minSDK 21 at this date). If people whats to have support for KitKat after this date, they will have to fork the app.

Also interesting min version of other messaging app:
Whatsapp: 4.0.3
Slack: 5.0
LinkedIn: 5.0
Citadel: 6.0 (!)
Facebook Messenger: varies with device (they have several APKs for different arch, and minSDK level may not be the same)
Twitter: same as Facebook Messenger
Telegram: same as Facebook Messenger
TelegramX: same as Facebook Messenger

Telegram is minSdkVersion 16, but they have separate builds for API23+ it seems: https://github.com/DrKLO/Telegram/blob/master/TMessagesProj/build.gradle#L382

Also this could be interesting for RiotX as well: https://github.com/AntennaPod/AntennaPod/pull/4077

Thanks for mentioning my pull request @z3ntu. Yes, bundling a modern Security Provider (Conscrypt) within an app is possible and quite easy. That way I'm able to use TLSv1.3 with modern cipher suites on KitKat without any problems. Lets see if I can sell you all on it...

It literally only takes 2 lines of code (literally literally) and gives TLSv1.2 and modern cipher suites right away. To enable TLSv1.3 (on all devices) and disable obsolete protocols (like SSLv3) just takes a simple custom SSLSocketFactory (since you are using okhttp). The only drawback is it does increase the apk size. But it means the app is future proof when more devices get too old (like if TLSv1.2 gets deprecated which would mean anything older than Android 10 will stop working).

Here is an example of how to bundle conscrypt within an app. I hope to finish the README later today, it will contain all necessary info and instructions.

Of course best solution would be if someone could create a "ConscryptInstaller" app, with an API similar to google's ProviderInstaller. This would bundle a modern conscrypt and provide it to all apps that requests it. And be installed and updated through F-Droid. But Android is already based on the idea of apps bundling all libraries, so just bundling conscrypt with an app doesn't seem that strange to me.

Also, a correction: the 3.12.x branch of okhttp will be supported through December 31, 2021. So there's no need abandon ship just yet.

As for the modern branch of OkHttp, I do not know if bundling conscrypt is enough to support the modern okhttp branch because it says it depends on API 21 (KitKat is 19). I tried building and running on a KitKat device and while it did install, on running I got

java.lang.IllegalStateException: Expected Android API level 21+ but was 19

It might be possible to work around (rebuild okhttp with minSdkVersion 19?), but it's possible it actually depends on something in the new API. And switching to the modern branch doesn't seem necessary just yet.