From: Shan Shaji <s.shaji@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve_flutter_frontend v3] chore: ios: add export compliance key to info.plist
Date: Tue, 30 Sep 2025 10:48:52 +0200 [thread overview]
Message-ID: <20250930084852.39176-1-s.shaji@proxmox.com> (raw)
The app only uses TLS/SSL through iOS platform APIs, which are already
exported by Apple, and is therefore classified under 5A992/5D992 (Mass
Market [1]). Since march 29, 2021, mass market software no longer
requires a self-classification report except for "non-standared"
algorithms.
The `crypto` package is used solely for data integrity with SHA-256
(publicly available, standard algorithm) and not for
confidentiality [3], so it should fall under 5D992. Also this package
should also fall under mass market cryptographic library which
implements a standard algorithm [2] (Table Reference: Third Row).
The `biometric_storage` package relies on iOS platform APIs [4] for
biometrics, which are already exported by Apple. To avoid manually
completing the App Store export compliance step, the
`ITSAppUsesNonExemptEncryption = false` key has been added to
Info.plist.
- [1] https://www.bis.doc.gov/index.php/policy-guidance/encryption/3-license-exception-enc-and-mass-market/a-mass-market
- [2] https://www.bis.doc.gov/index.php/documents/pdfs/2759-table-of-changes-to-enc-in-wa2019-rule-final-version/file
- [3] https://www.bis.doc.gov/index.php/documents/new-encryption/1652-cat-5-part-2-quick-reference-guide/file
- [4] https://github.com/authpass/biometric_storage/blob/main/macos/Classes/BiometricStorageImpl.swift
Signed-off-by: Shan Shaji <s.shaji@proxmox.com>
---
changes since v1:
- Updated commit message with more rationale.
ios/Runner/Info.plist | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ios/Runner/Info.plist b/ios/Runner/Info.plist
index 9949e0f..a5587ed 100644
--- a/ios/Runner/Info.plist
+++ b/ios/Runner/Info.plist
@@ -22,6 +22,8 @@
<string>????</string>
<key>CFBundleVersion</key>
<string>$(FLUTTER_BUILD_NUMBER)</string>
+ <key>ITSAppUsesNonExemptEncryption</key>
+ <false/>
<key>LSRequiresIPhoneOS</key>
<true/>
<key>NSFaceIDUsageDescription</key>
--
2.50.1
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next reply other threads:[~2025-09-30 8:48 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-30 8:48 Shan Shaji [this message]
2025-10-01 13:54 ` Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250930084852.39176-1-s.shaji@proxmox.com \
--to=s.shaji@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox