I am uploading my app build using Apple Store Connect.
I am in front of the “Missing Compilance” question:
Missing Compilance question and answers
Looking to the possible answer I am not sure about which one is the best for my app.
I tried to find a solution googling or on Apple official documentation:
My app is written in Flutter, it does HTTPS requests and it uses these libraries (about encryption):
In particular, the app:
- downloads a string (SSS) from the web;
- uses the AES algorithm from the “encrypt” package to encrypt the secret string (EEE);
- mixes the new encrypted secret string (EEE) with the encryption key (KKK) in the “final” string (EKEKEK);
- saves the final string (EKEKEK) in the storage using “flutter_secure_storage”;
So in the storage we have a string (EKEKEK) representing a mix of the encrypted string and his key – this string will be decrypted and embed in HTTPS requests later (but it isn’t relevant).
In view of this, which encryption algorithms does my app implement?
- Encryption algorithms that are proprietary or not accepted as standard by international standard bodies (IEEE, IETF, ITU, etc.)
- Standard encryption algorithms instead of, or in addition to, using or accessing the encryption within Apple’s operating system
- Both algorithms mentioned above