[pve-devel] [PATCH pve_flutter_frontend v3] chore: ios: add export compliance key to info.plist

Thomas Lamprecht t.lamprecht at proxmox.com
Wed Oct 1 15:54:19 CEST 2025 

Am 30.09.25 um 10:48 schrieb Shan Shaji:
> The app only uses TLS/SSL through iOS platform APIs, which are already
> exported by Apple, and is therefore classified under 5A992/5D992 (Mass
> Market [1]). Since march 29, 2021, mass market software no longer
> requires a self-classification report except for "non-standared"
> algorithms.
> 
> The `crypto` package is used solely for data integrity with SHA-256
> (publicly available, standard algorithm) and not for
> confidentiality [3], so it should fall under 5D992. Also this package
> should also fall under mass market cryptographic library which
> implements a standard algorithm [2] (Table Reference: Third Row).
> 
> The `biometric_storage` package relies on iOS platform APIs [4] for
> biometrics, which are already exported by Apple. To avoid manually
> completing the App Store export compliance step, the
> `ITSAppUsesNonExemptEncryption = false` key has been added to
> Info.plist.
> 
> - [1] https://www.bis.doc.gov/index.php/policy-guidance/encryption/3-license-exception-enc-and-mass-market/a-mass-market
> - [2] https://www.bis.doc.gov/index.php/documents/pdfs/2759-table-of-changes-to-enc-in-wa2019-rule-final-version/file
> - [3] https://www.bis.doc.gov/index.php/documents/new-encryption/1652-cat-5-part-2-quick-reference-guide/file
> - [4] https://github.com/authpass/biometric_storage/blob/main/macos/Classes/BiometricStorageImpl.swift
> 
> Signed-off-by: Shan Shaji <s.shaji at proxmox.com>
> ---
>  changes since v1: 
>  - Updated commit message with more rationale. 
> 
>  ios/Runner/Info.plist | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/ios/Runner/Info.plist b/ios/Runner/Info.plist
> index 9949e0f..a5587ed 100644
> --- a/ios/Runner/Info.plist
> +++ b/ios/Runner/Info.plist
> @@ -22,6 +22,8 @@
>  	<string>????</string>
>  	<key>CFBundleVersion</key>
>  	<string>$(FLUTTER_BUILD_NUMBER)</string>
> +	<key>ITSAppUsesNonExemptEncryption</key>
> +	<false/>
>  	<key>LSRequiresIPhoneOS</key>
>  	<true/>
>  	<key>NSFaceIDUsageDescription</key>

Acked-by: Thomas Lamprecht <t.lamprecht at proxmox.com>

More information about the pve-devel mailing list