Question

I have an app that contains a SQLite db with some data that is encrypted with a public/private key combination. I generate this pair from the distribution provisional certificate in Keychain Access (right-click and save as .cer and then again as .p12 with password).

The app is ready to be submitted to Apple and I find out that if any encryption is used, I'll have to submit documents for ERN authorization. While reading through the documentation, it mentions that if your key is less than 512 bit for asymmetric encryption, you will be exempt from it.

(iii) your app uses, accesses, implements or incorporates encryption with key lengths not exceeding 56 bits symmetric, 512 bits asymmetric and/or 112 bit elliptic curve

(iv) your app is a mass market product with key lengths not exceeding 64 bits symmetric, or if no symmetric algorithms, not exceeding 768 bits asymmetric and/or 128 bits elliptic curve.

Now my problem is that if I create a certificate signing request with 512 bit size, then I cannot create a certificate from the developer portal with that request.

Is there a way to get around this, other than switching to a symmetric key algorithm? I would like to avoid rewriting that portion. Basically, I would like to create a .cer/.p12 pair using 512 bit encryption instead of the standard 2048. I need something that supports UTF-8. The one I can manually create from a Mac only supports ASCII.


Solution

If anyone is ever confused about this, I changed it to a symmetric key and Apple approved the app; I didn't have to submit any additional documents.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow