Have a look at the case Bernstein v. United States
In the early 1990s, Daniel J. Bernstein created the Snuffle encryption system. He wanted to publish it in an international conference. However, after asking the appropriate US department, he was told by the Office of Defense Trade Controls:
the information known as Snuffle 5.0 has been determined, under the Commodity Jurisdiction (CJ) determination process, to be a defense article
requiring him to register as an arms manufacturer. After much back and forth, he ended up suing in February 1995 (the basis being that the export-control laws were unconstitutional). Government lawyers claimed that his claim [that he was restrained from exporting it] was unfounded, “the product of his own misinterpretation of the facts and the ITAR.”
On its decision, the District Court stated that
plaintiff had every reason to believe his paper had been determined to be a defense article
So we can conclude from the District Court ruling that the US did prohibit the export, even though the ITAR later backed out and claimed they didn't.
There was a lot of requesting information, not receiving an answer, or hardly applicable ones. One of the funny pieces of the Court decision was:
Defendants also conclude summarily that both the definition of cryptographic software and the exemptions from this definition are clear to a person of ordinary intelligence. This seems to be a bit of dissimulation, unless it is a confession, since the ODTC itself mistakenly classified Bernstein's academic paper as a defense article under Category XIII.
The ruling in the case declared that software was protected speech under the First Amendment. It is to note that export rules changed and now it is now allowed to export a cryptographic algorithm, even in digital form.
You can read the documents of the case at Daniel Bernstein page https://cr.yp.to/export.html including the multiple documentation involved.