Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add section for App Store Encryption Export Regulations #1409

Closed
ghost opened this issue Jan 26, 2023 · 2 comments
Closed

Add section for App Store Encryption Export Regulations #1409

ghost opened this issue Jan 26, 2023 · 2 comments
Labels
App Center SDK app-center-general/subsvc Pri2 vs-appcenter/svc

Comments

@ghost
Copy link

ghost commented Jan 26, 2023
edited by ghost
Loading

Apple developers must affirm whether their app uses encryption when submitting their app to the App Store "—including any third-party libraries it links against—".

Typically, the use of encryption that’s built into the operating system—for example, when your app makes HTTPS connections using URLSession—is exempt from export documentation upload requirements, whereas the use of proprietary encryption is not. To determine whether your use of encryption is considered exempt, see Determine your export compliance requirements.

Source: Apple Developer - Article - Complying with Encryption Export Regulations

Can a section be added to the documentation that provides the affirmation to comply with the App Store Encryption Export Regulations for app developers that link the AppCenter SDK(s) in their apps please?

Document Details

Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
@DmitriyKirakosyan
Copy link
Contributor

Hello @antonys1 , thank you for reaching out!

We only use Apple's OS built-in encryption CommonCryptor, and save the encrypted file into the App's folder. The encrypted data is saved within an event and error logs until it can be sent over the internet. Before sending over the internet it gets decrypted and then it is sent over the internet with https request using NSURLSession.

Note, the only thing which gets encrypted is a transmission token, see:
https://github.com/microsoft/appcenter-sdk-apple/blob/2214f9ee2476f28af64cb38359defe59e85197a1/AppCenterCrashes/AppCenterCrashes/MSACCrashes.mm#L579
https://github.com/microsoft/appcenter-sdk-apple/blob/2214f9ee2476f28af64cb38359defe59e85197a1/AppCenter/AppCenter/Internals/Storage/MSACLogDBStorage.m#L73

The transmission target API is not documented and thus isn't officially supported. I believe you don't use this API. In such case, encryption is not happening on the AppCenter SDK side.

If you are not sure if you should specify if your app is using encryption I recommend you to reach out to Apple support team and consult on your specific case.

@ghost
Copy link
Author

ghost commented Feb 3, 2023

Thank you @DmitriyKirakosyan.

@ghost ghost closed this as completed Feb 3, 2023
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
App Center SDK app-center-general/subsvc Pri2 vs-appcenter/svc
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DmitriyKirakosyan