Is it acceptable to call openssl within an app submitted to the Mac App Store?

I'm a bit unclear on what the rules are in terms of calling on processes outside of an application submitted to the App Store.

I have read that if you want to use other libraries/frameworks aside from Cocoa and the OSX libraries you must include it in your application (e.g., if writing you app in QT, Python or Ruby).

However, is it possible to call on openssl from within an app submitted to the store? Specifically, I'm writing an app in Mac Ruby and wish to use openssl for some cryptographic procedures.

As far as I'm aware, openssl is installed on every OS X machine, but I'm not clear if it's OK to make calls to it from my Ruby program.


As far as I know, you cannot call private frameworks (those under /System/Library/Frameworks) or, if you want to use third party frameworks/libs, you have to include them in the bundle resources. So I think using openssl should be OK. But we are talking about cryptographic software, which is a delicate matter. App Store rules say that (iTunesConnect Developer Guide):

Export laws require that products containing encryption be properly authorized for export. You will be asked a series of questions regarding app encryption once you indicate you are ready to submit your binary and anytime you update the binary after that. Based on the answers to these questions, you may need to provide a PDF copy of the commodity classification ruling (CCATS) confirming classification of the app.


  • Passwords hashed differently on different servers
  • Janrain OpenId vs lightopenid PHP libraries
  • An internal error occurred. the private key that you are importing might require a cryptographic ser
  • Securely Encrypt 64bits w/o per element overhead?
  • Fortran Function with return type depending on parameters
  • Ignore dependency when creating view in SQL Server
  • OpenSSL::X509::Certificate Showing Certificate for Wrong Domain
  • how to convert PEM to P7B with python
  • SQL Server Cascading
  • Implementing HMAC-SHA256 for Keybase in Javascript
  • Objective C - Create a framework for my iphone apps?
  • How to make a user wait with Laravel
  • how to verify a P12 certificate using openssl?
  • Where in the relevant specification is it documented that some comments in a SQL script are, in fact
  • Which browser have this strange user agent? (IOS device)
  • Generating anchors with PyYAML.dump()?
  • How do I capture a rsolr Sunspot exception raised on a different thread from a model callback?
  • How to call a procedure using NHibernate that returns result from multiple tables?
  • SSL client cert authentication for only some URLs?
  • Get Currently Active User in Android
  • VSCode change debug shell to bash on windows
  • import scipy.sparse failed
  • OSX - always hide certain files
  • During installation of Django, why do I keep getting ImportError: No module named django?
  • where do I find the xml.dom python package for the python-2.6.0-8.9.28 and I have a suse/x86_64 vers
  • Python pickle not one-to-one: different pickles give same object
  • Do I need to seed any random number generator before using EVP_PKEY_keygen of OpenSSL?
  • Tamper-proof configuration files in .NET?
  • Install PHP intl extension on MacOS
  • Is it possible to access block's scope in method?
  • How do I change content of ComboFieldEditor?
  • WinForms: two way TextBox problem
  • Weird JavaScript statement, what does it mean?
  • Do I've to free mysql result after storing it?
  • SQL merge duplicate rows and join values that are different
  • how does django model after text[] in postgresql [duplicate]
  • Change div Background jquery
  • How does Linux kernel interrupt the application?
  • Busy indicator not showing up in wpf window [duplicate]
  • Why do underscore prefixed variables exist?