Update min SDK to 21 (#2607)

- Update minSdk to 21 
- Remove conditions for 
  16  Build.VERSION_CODES.JELLY_BEAN
  17 Build.VERSION_CODES.JELLY_BEAN_MR1
  18 Build.VERSION_CODES.JELLY_BEAN_MR2
  19 KIKAT
  20 KITKAT_WATCH
  21 LOLLIPOP

Author: p3dr0rv

changelog.txt

@@ -1,5 +1,6 @@
 vNext
 ----------
+- [PATCH] Update minSdk to 21(#2607)
 - [MINOR] Add handler for resume switch_browser flow on WebViewAuthorizationFragment (#2557)
 - [PATCH] Track MAM flow in telemetry (#2608)
 - [PATCH] Fix multiple prompts issue in cross cloud request (#2599)

common/src/androidTest/java/com/microsoft/identity/common/internal/platform/AndroidDevicePoPManagerEncryptionTests.java

@@ -52,6 +52,7 @@
 // https://github.com/robolectric/robolectric/issues/1518
 //todo: Investigate if these tests can be migrated to common4j
 @RunWith(Parameterized.class)
+@Config(sdk =21)
 public class AndroidDevicePoPManagerEncryptionTests {
 
     private static final String DATA_TO_ENCRYPT = "The quick brown fox jumped over the lazy dog.";
@@ -63,10 +64,9 @@ public class AndroidDevicePoPManagerEncryptionTests {
     public static Iterable<IDevicePopManager.Cipher> testParams() {
         final List<IDevicePopManager.Cipher> ciphers = new ArrayList<>();
 
-        // Only execute these tests at appropriate API levels...
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR2) {
-            ciphers.add(RSA_ECB_PKCS1_PADDING);
-        }
+
+        ciphers.add(RSA_ECB_PKCS1_PADDING);
+
 
         //https://stackoverflow.com/questions/36015194/android-keystoreexception-unknown-error -
         //https://issuetracker.google.com/issues/37075898

common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationSettings.java

@@ -134,11 +134,10 @@ public void setSecretKey(byte[] rawKey) {
         if (rawKey == null || rawKey.length != SECRET_RAW_KEY_LENGTH) {
             throw new IllegalArgumentException("rawKey");
         }
-        if (android.os.Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR2) {
-            Logger.warn(methodTag, "You're using setSecretKey in a version of android " +
-                    "that supports keyStore functionality.  Consider not doing this, as it only exists " +
-                    "for devices with an SDK lower than " + Build.VERSION_CODES.JELLY_BEAN_MR2);
-        }
+        Logger.warn(methodTag, "You're using setSecretKey in a version of android " +
+                "that supports keyStore functionality.  Consider not doing this, as it only exists " +
+                "for devices with an SDK lower than " + Build.VERSION_CODES.JELLY_BEAN_MR2);
+
         mSecretKeyData.set(rawKey);
     }
 

common/src/main/java/com/microsoft/identity/common/adal/internal/cache/ADALOAuth2TokenCache.java

@@ -391,12 +391,6 @@ private void setItem(final String key, final ADALTokenCacheItem cacheItem) {
 
     private void validateSecretKeySetting() {
         Logger.verbose(TAG, "Validating secret key settings.");
-        final byte[] secretKeyData = AuthenticationSettings.INSTANCE.getSecretKeyData();
-
-        if (secretKeyData == null && Build.VERSION.SDK_INT < Build.VERSION_CODES.JELLY_BEAN_MR2) {
-            throw new IllegalArgumentException("Secret key must be provided for API < 18. "
-                    + "Use AuthenticationSettings.INSTANCE.setSecretKey()");
-        }
     }
 
     @Override

common/src/main/java/com/microsoft/identity/common/crypto/AndroidWrappedKeyLoader.java

@@ -71,7 +71,6 @@
  * Instead, the actual key that we use to encrypt/decrypt data is 'wrapped/encrypted' with the keystore key
  * before it get saved to the file.
  */
-@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR2)
 public class AndroidWrappedKeyLoader extends AES256KeyLoader {
     private static final String TAG = AndroidWrappedKeyLoader.class.getSimpleName() + "#";
 
@@ -359,7 +358,6 @@ public void deleteSecretKeyFromStorage() throws ClientException {
      * @param context an Android {@link Context} object.
      * @return a {@link AlgorithmParameterSpec} for the keystore key (that we'll use to wrap the secret key).
      */
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     private static AlgorithmParameterSpec getLegacySpecForKeyStoreKey(@NonNull final Context context,
                                                                 @NonNull final String alias) {
         // Generate a self-signed cert.

common/src/main/java/com/microsoft/identity/common/internal/fido/LegacyFidoActivityResultContract.kt

@@ -25,12 +25,10 @@ package com.microsoft.identity.common.internal.fido
 import android.app.Activity
 import android.content.Context
 import android.content.Intent
-import android.os.Build
 import android.util.Base64
 import androidx.activity.result.IntentSenderRequest
 import androidx.activity.result.contract.ActivityResultContract
 import androidx.activity.result.contract.ActivityResultContracts
-import androidx.annotation.RequiresApi
 import com.google.android.gms.fido.Fido
 import com.google.android.gms.fido.fido2.api.common.AuthenticatorAssertionResponse
 import com.google.android.gms.fido.fido2.api.common.AuthenticatorErrorResponse
@@ -58,7 +56,6 @@ class LegacyFidoActivityResultContract : ActivityResultContract<LegacyFido2ApiOb
             )
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.KITKAT)
     override fun parseResult(resultCode: Int, intent: Intent?): Void? {
         if (intent == null) {
             errorCallback.invoke(

common/src/main/java/com/microsoft/identity/common/internal/platform/AndroidDevicePopManager.java

@@ -118,7 +118,6 @@ private static IKeyStoreKeyManager<KeyStore.PrivateKeyEntry> createKeyStoreKeyMa
                 .build();
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public KeyPair generateNewRsaKeyPair(int keySize) throws UnsupportedOperationException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException {
         return generateNewRsaKeyPair(mContext, keySize);
@@ -169,7 +168,6 @@ protected void performCleanupIfMintShrFails(@NonNull final Exception e) {
      * @return The newly generated RSA KeyPair.
      * @throws UnsupportedOperationException
      */
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @SuppressLint(NewApi)
     private KeyPair generateNewRsaKeyPair(@androidx.annotation.NonNull final Context context,
                                           final int minKeySize)
@@ -293,7 +291,6 @@ private static boolean isNegativeInternalError(@androidx.annotation.NonNull fina
      * @throws NoSuchProviderException            If the designated crypto provider cannot be found.
      * @throws StrongBoxUnavailableException      If StrongBox is unavailable.
      */
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     private KeyPair generateNewKeyPair(@androidx.annotation.NonNull final Context context, final boolean useStrongbox,
                                        final boolean enableImport, final boolean trySetAttestationChallenge)
             throws InvalidAlgorithmParameterException, NoSuchAlgorithmException,
@@ -321,7 +318,6 @@ private KeyPair generateNewKeyPair(@androidx.annotation.NonNull final Context co
         }
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     private KeyPairGenerator getInitializedRsaKeyPairGenerator(@androidx.annotation.NonNull final Context context,
                                                                final int keySize,
                                                                final boolean useStrongbox,
@@ -352,7 +348,6 @@ private KeyPairGenerator getInitializedRsaKeyPairGenerator(@androidx.annotation.
      * @param trySetAttestationChallenge True if we should attempt to generate an attestation challenge cert.
      * @throws InvalidAlgorithmParameterException
      */
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     private void initialize(@androidx.annotation.NonNull final Context context,
                             @androidx.annotation.NonNull final KeyPairGenerator keyPairGenerator,
                             final int keySize,
@@ -491,7 +486,6 @@ private void initialize28(@androidx.annotation.NonNull final KeyPairGenerator ke
 
 
     @SuppressLint(NewApi)
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @SuppressWarnings("deprecation")
     private void initializePre23(@androidx.annotation.NonNull final Context context,
                                  @androidx.annotation.NonNull final KeyPairGenerator keyPairGenerator,
@@ -508,11 +502,9 @@ private void initializePre23(@androidx.annotation.NonNull final Context context,
                 .setSerialNumber(AndroidDevicePopManager.CertificateProperties.SERIAL_NUMBER)
                 .setSubject(new X500Principal(AndroidDevicePopManager.CertificateProperties.COMMON_NAME));
 
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT) {
-            specBuilder.setAlgorithmParameterSpec(
-                    new RSAKeyGenParameterSpec(keySize, RSAKeyGenParameterSpec.F4)
-            );
-        }
+        specBuilder.setAlgorithmParameterSpec(
+                new RSAKeyGenParameterSpec(keySize, RSAKeyGenParameterSpec.F4)
+        );
 
         final android.security.KeyPairGeneratorSpec spec = specBuilder.build();
         keyPairGenerator.initialize(spec);

common/src/main/java/com/microsoft/identity/common/internal/platform/AndroidKeystoreAsymmetricRsaKey.java

@@ -22,11 +22,8 @@
 //  THE SOFTWARE.
 package com.microsoft.identity.common.internal.platform;
 
-import android.content.Context;
-import android.os.Build;
 
 import androidx.annotation.NonNull;
-import androidx.annotation.RequiresApi;
 
 import com.microsoft.identity.common.java.crypto.SecureHardwareState;
 import com.microsoft.identity.common.java.crypto.SigningAlgorithm;
@@ -41,10 +38,8 @@
  */
 public class AndroidKeystoreAsymmetricRsaKey implements AsymmetricRsaKey {
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     public static final IDevicePopManager.Cipher RSA_ECB_PKCS_1_PADDING = IDevicePopManager.Cipher.RSA_ECB_PKCS1_PADDING;
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     public static final SigningAlgorithm SHA_256_WITH_RSA = SigningAlgorithm.SHA_256_WITH_RSA;
 
     /**
@@ -94,25 +89,21 @@ public String getPublicKey() throws ClientException {
         return mDevicePopManager.getPublicKey(IDevicePopManager.PublicKeyFormat.JWK);
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public String sign(@NonNull final String data) throws ClientException {
         return mDevicePopManager.sign(SHA_256_WITH_RSA, data);
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public boolean verify(@NonNull final String plainText, @NonNull final String signatureStr) {
         return mDevicePopManager.verify(SHA_256_WITH_RSA, plainText, signatureStr);
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public String encrypt(@NonNull final String plaintext) throws ClientException {
         return mDevicePopManager.encrypt(RSA_ECB_PKCS_1_PADDING, plaintext);
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public String decrypt(@NonNull final String ciphertext) throws ClientException {
         return mDevicePopManager.decrypt(RSA_ECB_PKCS_1_PADDING, ciphertext);
@@ -123,25 +114,21 @@ public SecureHardwareState getSecureHardwareState() throws ClientException {
         return mDevicePopManager.getSecureHardwareState();
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public byte[] encrypt(byte[] plaintext) throws ClientException {
         return mDevicePopManager.encrypt(RSA_ECB_PKCS_1_PADDING, plaintext);
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public byte[] decrypt(byte[] ciphertext) throws ClientException {
         return mDevicePopManager.encrypt(RSA_ECB_PKCS_1_PADDING, ciphertext);
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public byte[] sign(byte[] text) throws ClientException {
         return mDevicePopManager.sign(SHA_256_WITH_RSA, text);
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
     @Override
     public boolean verify(byte[] text, byte[] signature) throws ClientException {
         return mDevicePopManager.verify(SHA_256_WITH_RSA, text, signature);

common/src/main/java/com/microsoft/identity/common/internal/platform/AndroidPlatformUtil.java

@@ -179,11 +179,7 @@ public void onReturnCommandResult(@NonNull ICommand<?> command) {
 
     @Override
     public long getNanosecondTime() {
-        if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.JELLY_BEAN_MR1) {
-            return SystemClock.elapsedRealtimeNanos();
-        } else {
-            return System.nanoTime();
-        }
+        return SystemClock.elapsedRealtimeNanos();
     }
 
     @Override
@@ -250,7 +246,7 @@ public static boolean isInManagedProfile(@NonNull final Context appContext) {
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
             final UserManager um = (UserManager) appContext.getSystemService(Context.USER_SERVICE);
             return um.isManagedProfile();
-        } else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
+        } else {
             final DevicePolicyManager dpm = (DevicePolicyManager) appContext.getSystemService(Context.DEVICE_POLICY_SERVICE);
             final List<ComponentName> activeAdmins = dpm.getActiveAdmins();
             if (activeAdmins != null) {

common/src/main/java/com/microsoft/identity/common/internal/platform/AndroidSecretKeyAccessor.java

@@ -22,9 +22,6 @@
 // THE SOFTWARE.
 package com.microsoft.identity.common.internal.platform;
 
-import android.os.Build;
-
-import androidx.annotation.RequiresApi;
 
 import com.microsoft.identity.common.java.crypto.CryptoSuite;
 import com.microsoft.identity.common.java.crypto.IKeyStoreKeyManager;
@@ -69,7 +66,6 @@ public class AndroidSecretKeyAccessor implements IManagedKeyAccessor<KeyStore.Se
     private static final Charset UTF8 = Charset.forName("UTF-8");
     private final AndroidDeviceKeyManager<KeyStore.SecretKeyEntry> mKeyManager;
     private final CryptoSuite suite;
-    @RequiresApi(api = Build.VERSION_CODES.KITKAT)
     @Override
     public byte[] encrypt(@NonNull final byte[] plaintext) throws ClientException {
         final String errCode;
@@ -110,7 +106,6 @@ public byte[] encrypt(@NonNull final byte[] plaintext) throws ClientException {
         throw new ClientException(errCode, exception.getMessage(), exception);
     }
 
-    @RequiresApi(api = Build.VERSION_CODES.KITKAT)
     @Override
     public byte[] decrypt(@NonNull final byte[] ciphertext) throws ClientException {
         final String errCode;