jedisct1/swift-sodium

Privacy Manifest file

GJDK opened this issue · 7 comments

GJDK commented

Hi Team,

I am not able to find the manifest file here in the code. Can you please help with that? It is mandatory for app updates from Spring 2024.

Thanks in advance.

Edit: Is this required to be signed? If not, you can just include it yourself during the build, no?

Looking at these docs: https://developer.apple.com/support/third-party-SDK-requirements/

It seems: Signatures are also required in these cases where the listed SDKs are used as binary dependencies - which I assume covers Libsodium's C-based .a object code.

Does this mean Swift-Sodium releases now need to be signed by you, @jedisct1?

I'm not sure.

https://developer.apple.com/support/third-party-SDK-requirements/ includes a list of affected SDKs, and sodium is not there.

Looks like SDKs from that list have in common that they can perform network access. Which libsodium does not.

SDKs that require a privacy manifest and signature
... Any version of a listed SDK, as well as any SDKs that repackage those on the list, are included in the requirement.

Agreed, looks like it's not mandatory for Swift-Sodium, which we can address if the need arises.

Interestingly OpenSSL is on the list.

OpenSSL can set up network connections, and can be used to exfiltrate information.

GJDK commented

Hi @jedisct1, I believe the listed frameworks are the explicit ones that Apple finds out. But if you go through this https://developer.apple.com/support/third-party-SDK-requirements/#:~:text=This%20functionality%20is%20a%20step%20forward%20for%20all%20apps%2C%20and%20we%20encourage%20all%20SDKs%20to%20adopt%20it%20to%20better%20support%20the%20apps%20that%20depend%20on%20them. we can understand that Apple is pushing towards getting the privacy manifest file from the 3rd party SDKs. Hence I request that you provide the privacy manifest file. Thanks.

Using this tool to scan my app's binaries, I was able to determine that Swift Sodium uses one of the listed "required reason APIs". These APIs must be included in a privacy manifest, whether it be the third party SDK using it or the app including the binary when submitting to the App Store.

Either way, someone has to specify this. Apple recommends third party SDKs specify their "required reason APIs" in their own manifest, that way submitted apps including the binary don't have to.

The required reason APIs being used are stat and fstat, which fall under the File timestamp APIs.

Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/watchos-arm64_32_armv7k/libsodium.a: fstat, stat
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/tvos-arm64/libsodium.a: fstat, stat
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/ios-arm64_i386_x86_64-simulator/libsodium.a: fstat, stat
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/tvos-arm64_x86_64-simulator/libsodium.a: fstat, stat
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/ios-arm64_armv7_armv7s/libsodium.a: fstat, stat
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/macos-arm64_x86_64/libsodium.a: fstat, stat
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/ios-arm64_x86_64-maccatalyst/libsodium.a: fstat, stat
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/watchos-arm64_i386_x86_64-simulator/libsodium.a: fstat, stat
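As an added example (not code from any commenter or from the swift-sodium project), this sketch turns scanner output in the format quoted above into a `PrivacyInfo.xcprivacy` property list that declares the file timestamp category. The function names are hypothetical, the approved reason code must be supplied by whoever ships the manifest, and the tracking and collected-data fields are assumptions.

```python
import plistlib
import re

# Only the two symbols reported in this thread are mapped (File timestamp APIs).
CATEGORY_BY_SYMBOL = {
    "stat": "NSPrivacyAccessedAPICategoryFileTimestamp",
    "fstat": "NSPrivacyAccessedAPICategoryFileTimestamp",
}
LINE_RE = re.compile(r"^Used symbols in binary (?P<path>.+): (?P<symbols>[\w, ]+)$")

# Constructed sample: two lines in the scanner output format quoted above.
SAMPLE_SCAN = """\
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/tvos-arm64/libsodium.a: fstat, stat
Used symbols in binary ./Carthage/Checkouts/swift-sodium/Clibsodium.xcframework/macos-arm64_x86_64/libsodium.a: fstat, stat
"""


def parse_scan(text):
    """Return {category: {symbol: [binary paths]}} for the mapped symbols."""
    found = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a scanner finding
        for sym in (s.strip() for s in m["symbols"].split(",")):
            cat = CATEGORY_BY_SYMBOL.get(sym)
            if cat:
                found.setdefault(cat, {}).setdefault(sym, []).append(m["path"])
    return found


def build_manifest(found, reasons):
    """Serialize the manifest; refuse to emit a category without a reason."""
    missing = sorted(set(found) - set(reasons))
    if missing:
        raise ValueError(f"no approved reason supplied for: {missing}")
    manifest = {
        # Assumption: the library does no tracking and collects no data.
        "NSPrivacyTracking": False,
        "NSPrivacyTrackingDomains": [],
        "NSPrivacyCollectedDataTypes": [],
        "NSPrivacyAccessedAPITypes": [
            {"NSPrivacyAccessedAPIType": cat,
             "NSPrivacyAccessedAPITypeReasons": list(reasons[cat])}
            for cat in sorted(found)
        ],
    }
    return plistlib.dumps(manifest)
```

Calling `build_manifest(parse_scan(scan_text), {category: [reason_code]})` returns the XML bytes to write to `PrivacyInfo.xcprivacy`; the reason code has to come from Apple's approved list for that category.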