Reputation: 278
iTunesConnect Encryption of an app
My question is about this question:
Is your product designed to use cryptography or does it contain or incorporate cryptography?
I don't know what to answer because my app is using the commoncrypto framework and md5 encryption. What should I answer?
Codes used in App:
(NSString *) md5:(NSString *) input
{
const char *cStr = [input UTF8String];
unsigned char digest[16];
CC_MD5( cStr, strlen(cStr), digest ); // This is the md5 call
NSMutableString *output = [NSMutableString stringWithCapacity:CC_MD5_DIGEST_LENGTH * 2];
for(int i = 0; i < CC_MD5_DIGEST_LENGTH; i++)
[output appendFormat:@"%02x", digest[i]];
return output;
}
Upvotes: 3
Views: 1339
Answers (2)
Reputation: 112855
md5 is a hash function and hash functions are one-way and are not encryption.
If all you are using is a hash function the answer is No you are not using encryption.
If you are using AES, DES of other encryption, that is two-way crypto functions then the answer is YES.
Merely adding the CommonCrypto framework makes no difference, it is the usage of encryption that counts.
The only concern is any encryption in the app, there is no concern with anything done on a related server.
Upvotes: 1
Reputation: 54258
iTunes Connect does not care server-side implementation.
If you use MD5 or any other encryption mechanism in server side (but not in App side), you should choose No for the answer.
Upvotes: 1
Related Questions
- Does my application "contain encryption"?
- Does an iOS app that uses StoreKit "use encryption", as in Apple's Export Compliance Information question?
- iTunes Connect - Is your app designed to use cryptography?
- App uses https - what is the correct value of ITSAppUsesNonExemptEncryption
- IOS App Encryption
- Export Compliance and AES256 in iPhone
- iTunes Connect - Export Compliance is necessary for password?
- iTunes Connect: Is your app designed to use cryptography?
- Is my application using encryption (only keychain)?
- AES-256 encryption & Apple iTunes export restrictions