From: Shan Shaji <s.shaji@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve_flutter_frontend v3] chore: ios: add export compliance key to info.plist
Date: Tue, 30 Sep 2025 10:48:52 +0200 [thread overview]
Message-ID: <20250930084852.39176-1-s.shaji@proxmox.com> (raw)
The app only uses TLS/SSL through iOS platform APIs, which are already
exported by Apple, and is therefore classified under 5A992/5D992 (Mass
Market [1]). Since march 29, 2021, mass market software no longer
requires a self-classification report except for "non-standared"
algorithms.
The `crypto` package is used solely for data integrity with SHA-256
(publicly available, standard algorithm) and not for
confidentiality [3], so it should fall under 5D992. Also this package
should also fall under mass market cryptographic library which
implements a standard algorithm [2] (Table Reference: Third Row).
The `biometric_storage` package relies on iOS platform APIs [4] for
biometrics, which are already exported by Apple. To avoid manually
completing the App Store export compliance step, the
`ITSAppUsesNonExemptEncryption = false` key has been added to
Info.plist.
- [1] https://www.bis.doc.gov/index.php/policy-guidance/encryption/3-license-exception-enc-and-mass-market/a-mass-market
- [2] https://www.bis.doc.gov/index.php/documents/pdfs/2759-table-of-changes-to-enc-in-wa2019-rule-final-version/file
- [3] https://www.bis.doc.gov/index.php/documents/new-encryption/1652-cat-5-part-2-quick-reference-guide/file
- [4] https://github.com/authpass/biometric_storage/blob/main/macos/Classes/BiometricStorageImpl.swift
Signed-off-by: Shan Shaji <s.shaji@proxmox.com>
---
changes since v1:
- Updated commit message with more rationale.
ios/Runner/Info.plist | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ios/Runner/Info.plist b/ios/Runner/Info.plist
index 9949e0f..a5587ed 100644
--- a/ios/Runner/Info.plist
+++ b/ios/Runner/Info.plist
@@ -22,6 +22,8 @@
<string>????</string>
<key>CFBundleVersion</key>
<string>$(FLUTTER_BUILD_NUMBER)</string>
+ <key>ITSAppUsesNonExemptEncryption</key>
+ <false/>
<key>LSRequiresIPhoneOS</key>
<true/>
<key>NSFaceIDUsageDescription</key>
--
2.50.1
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next reply other threads:[~2025-09-30 8:48 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-30 8:48 Shan Shaji [this message]
2025-10-01 13:54 ` Thomas Lamprecht
2025-10-02 8:39 ` [pve-devel] applied: " Dominik Csapak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250930084852.39176-1-s.shaji@proxmox.com \
--to=s.shaji@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.