Bump cryptography from 45.0.6 to 46.0.3

Bumps [cryptography](https://github.com/pyca/cryptography) from 45.0.6 to 46.0.3.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/45.0.6...46.0.3)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

pyproject.toml

@@ -27,7 +27,7 @@ dependencies = [
     "iOSbackup==0.9.925",
     "adb-shell[usb]==0.4.4",
     "libusb1==3.3.1",
-    "cryptography==45.0.6",
+    "cryptography==46.0.3",
     "PyYAML>=6.0.2",
     "pyahocorasick==2.2.0",
     "betterproto==1.2.5",

src/mvt/android/cli.py

@@ -31,8 +31,6 @@ from mvt.common.help import (
     HELP_MSG_HASHES,
     HELP_MSG_CHECK_IOCS,
     HELP_MSG_STIX2,
-    HELP_MSG_DISABLE_UPDATE_CHECK,
-    HELP_MSG_DISABLE_INDICATOR_UPDATE_CHECK,
 )
 from mvt.common.logo import logo
 from mvt.common.updates import IndicatorsUpdates
@@ -55,37 +53,12 @@ log = logging.getLogger("mvt")
 CONTEXT_SETTINGS = dict(help_option_names=["-h", "--help"])
 
 
-def _get_disable_flags(ctx):
-    """Helper function to safely get disable flags from context."""
-    if ctx.obj is None:
-        return False, False
-    return (
-        ctx.obj.get("disable_version_check", False),
-        ctx.obj.get("disable_indicator_check", False),
-    )
-
-
 # ==============================================================================
 # Main
 # ==============================================================================
 @click.group(invoke_without_command=False)
-@click.option(
+def cli():
-    "--disable-update-check", is_flag=True, help=HELP_MSG_DISABLE_UPDATE_CHECK
+    logo()
-)
-@click.option(
-    "--disable-indicator-update-check",
-    is_flag=True,
-    help=HELP_MSG_DISABLE_INDICATOR_UPDATE_CHECK,
-)
-@click.pass_context
-def cli(ctx, disable_update_check, disable_indicator_update_check):
-    ctx.ensure_object(dict)
-    ctx.obj["disable_version_check"] = disable_update_check
-    ctx.obj["disable_indicator_check"] = disable_indicator_update_check
-    logo(
-        disable_version_check=disable_update_check,
-        disable_indicator_check=disable_indicator_update_check,
-    )
 
 
 # ==============================================================================
@@ -193,8 +166,6 @@ def check_adb(
         module_name=module,
         serial=serial,
         module_options=module_options,
-        disable_version_check=_get_disable_flags(ctx)[0],
-        disable_indicator_check=_get_disable_flags(ctx)[1],
     )
 
     if list_modules:
@@ -241,8 +212,6 @@ def check_bugreport(ctx, iocs, output, list_modules, module, verbose, bugreport_
         ioc_files=iocs,
         module_name=module,
         hashes=True,
-        disable_version_check=_get_disable_flags(ctx)[0],
-        disable_indicator_check=_get_disable_flags(ctx)[1],
     )
 
     if list_modules:
@@ -305,8 +274,6 @@ def check_backup(
             "interactive": not non_interactive,
             "backup_password": cli_load_android_backup_password(log, backup_password),
         },
-        disable_version_check=_get_disable_flags(ctx)[0],
-        disable_indicator_check=_get_disable_flags(ctx)[1],
     )
 
     if list_modules:
@@ -371,8 +338,6 @@ def check_androidqf(
             "interactive": not non_interactive,
             "backup_password": cli_load_android_backup_password(log, backup_password),
         },
-        disable_version_check=_get_disable_flags(ctx)[0],
-        disable_indicator_check=_get_disable_flags(ctx)[1],
     )
 
     if list_modules:
@@ -407,13 +372,7 @@ def check_androidqf(
 @click.argument("FOLDER", type=click.Path(exists=True))
 @click.pass_context
 def check_iocs(ctx, iocs, list_modules, module, folder):
-    cmd = CmdCheckIOCS(
+    cmd = CmdCheckIOCS(target_path=folder, ioc_files=iocs, module_name=module)
-        target_path=folder,
-        ioc_files=iocs,
-        module_name=module,
-        disable_version_check=_get_disable_flags(ctx)[0],
-        disable_indicator_check=_get_disable_flags(ctx)[1],
-    )
     cmd.modules = BACKUP_MODULES + ADB_MODULES + BUGREPORT_MODULES
 
     if list_modules:

src/mvt/android/cmd_check_adb.py

@@ -22,8 +22,6 @@ class CmdAndroidCheckADB(Command):
         module_name: Optional[str] = None,
         serial: Optional[str] = None,
         module_options: Optional[dict] = None,
-        disable_version_check: bool = False,
-        disable_indicator_check: bool = False,
     ) -> None:
         super().__init__(
             target_path=target_path,
@@ -33,8 +31,6 @@ class CmdAndroidCheckADB(Command):
             serial=serial,
             module_options=module_options,
             log=log,
-            disable_version_check=disable_version_check,
-            disable_indicator_check=disable_indicator_check,
         )
 
         self.name = "check-adb"

src/mvt/android/cmd_check_androidqf.py

@@ -26,8 +26,6 @@ class CmdAndroidCheckAndroidQF(Command):
         serial: Optional[str] = None,
         module_options: Optional[dict] = None,
         hashes: bool = False,
-        disable_version_check: bool = False,
-        disable_indicator_check: bool = False,
     ) -> None:
         super().__init__(
             target_path=target_path,
@@ -38,8 +36,6 @@ class CmdAndroidCheckAndroidQF(Command):
             module_options=module_options,
             hashes=hashes,
             log=log,
-            disable_version_check=disable_version_check,
-            disable_indicator_check=disable_indicator_check,
         )
 
         self.name = "check-androidqf"

src/mvt/android/cmd_check_backup.py

@@ -36,8 +36,6 @@ class CmdAndroidCheckBackup(Command):
         serial: Optional[str] = None,
         module_options: Optional[dict] = None,
         hashes: bool = False,
-        disable_version_check: bool = False,
-        disable_indicator_check: bool = False,
     ) -> None:
         super().__init__(
             target_path=target_path,
@@ -48,8 +46,6 @@ class CmdAndroidCheckBackup(Command):
             module_options=module_options,
             hashes=hashes,
             log=log,
-            disable_version_check=disable_version_check,
-            disable_indicator_check=disable_indicator_check,
         )
 
         self.name = "check-backup"

src/mvt/android/cmd_check_bugreport.py

@@ -27,8 +27,6 @@ class CmdAndroidCheckBugreport(Command):
         serial: Optional[str] = None,
         module_options: Optional[dict] = None,
         hashes: bool = False,
-        disable_version_check: bool = False,
-        disable_indicator_check: bool = False,
     ) -> None:
         super().__init__(
             target_path=target_path,
@@ -39,8 +37,6 @@ class CmdAndroidCheckBugreport(Command):
             module_options=module_options,
             hashes=hashes,
             log=log,
-            disable_version_check=disable_version_check,
-            disable_indicator_check=disable_indicator_check,
         )
 
         self.name = "check-bugreport"

src/mvt/common/cmd_check_iocs.py

@@ -22,8 +22,6 @@ class CmdCheckIOCS(Command):
         module_name: Optional[str] = None,
         serial: Optional[str] = None,
         module_options: Optional[dict] = None,
-        disable_version_check: bool = False,
-        disable_indicator_check: bool = False,
     ) -> None:
         super().__init__(
             target_path=target_path,
@@ -33,8 +31,6 @@ class CmdCheckIOCS(Command):
             serial=serial,
             module_options=module_options,
             log=log,
-            disable_version_check=disable_version_check,
-            disable_indicator_check=disable_indicator_check,
         )
 
         self.name = "check-iocs"

src/mvt/common/command.py

@@ -32,8 +32,6 @@ class Command:
         module_options: Optional[dict] = None,
         hashes: bool = False,
         log: logging.Logger = logging.getLogger(__name__),
-        disable_version_check: bool = False,
-        disable_indicator_check: bool = False,
     ) -> None:
         self.name = ""
         self.modules = []
@@ -44,8 +42,6 @@ class Command:
         self.module_name = module_name
         self.serial = serial
         self.log = log
-        self.disable_version_check = disable_version_check
-        self.disable_indicator_check = disable_indicator_check
 
         # This dictionary can contain options that will be passed down from
         # the Command to all modules. This can for example be used to pass

src/mvt/common/help.py

@@ -15,8 +15,6 @@ HELP_MSG_HASHES = "Generate hashes of all the files analyzed"
 HELP_MSG_VERBOSE = "Verbose mode"
 HELP_MSG_CHECK_IOCS = "Compare stored JSON results to provided indicators"
 HELP_MSG_STIX2 = "Download public STIX2 indicators"
-HELP_MSG_DISABLE_UPDATE_CHECK = "Disable MVT version update check"
-HELP_MSG_DISABLE_INDICATOR_UPDATE_CHECK = "Disable indicators update check"
 
 # IOS Specific
 HELP_MSG_DECRYPT_BACKUP = "Decrypt an encrypted iTunes backup"

src/mvt/common/logo.py

@@ -12,85 +12,74 @@ from .updates import IndicatorsUpdates, MVTUpdates
 from .version import MVT_VERSION
 
 
-def check_updates(
+def check_updates() -> None:
-    disable_version_check: bool = False, disable_indicator_check: bool = False
-) -> None:
     log = logging.getLogger("mvt")
-
     # First we check for MVT version updates.
-    if not disable_version_check:
+    try:
-        try:
+        mvt_updates = MVTUpdates()
-            mvt_updates = MVTUpdates()
+        latest_version = mvt_updates.check()
-            latest_version = mvt_updates.check()
+    except (requests.exceptions.ConnectionError, requests.exceptions.Timeout):
-        except (requests.exceptions.ConnectionError, requests.exceptions.Timeout):
+        rich_print(
+            "\t\t[bold]Note: Could not check for MVT updates.[/bold] "
+            "You may be working offline. Please update MVT regularly."
+        )
+    except Exception as e:
+        log.error("Error encountered when trying to check latest MVT version: %s", e)
+    else:
+        if latest_version:
             rich_print(
-                "\t\t[bold]Note: Could not check for MVT updates.[/bold] "
+                f"\t\t[bold]Version {latest_version} is available! "
-                "You may be working offline. Please update MVT regularly."
+                "Upgrade mvt with `pip3 install -U mvt` or with `pipx upgrade mvt`[/bold]"
             )
-        except Exception as e:
-            log.error(
-                "Error encountered when trying to check latest MVT version: %s", e
-            )
-        else:
-            if latest_version:
-                rich_print(
-                    f"\t\t[bold]Version {latest_version} is available! "
-                    "Upgrade mvt with `pip3 install -U mvt` or with `pipx upgrade mvt`[/bold]"
-                )
 
     # Then we check for indicators files updates.
-    if not disable_indicator_check:
+    ioc_updates = IndicatorsUpdates()
-        ioc_updates = IndicatorsUpdates()
 
-        # Before proceeding, we check if we have downloaded an indicators index.
+    # Before proceeding, we check if we have downloaded an indicators index.
-        # If not, there's no point in proceeding with the updates check.
+    # If not, there's no point in proceeding with the updates check.
-        if ioc_updates.get_latest_update() == 0:
+    if ioc_updates.get_latest_update() == 0:
-            rich_print(
+        rich_print(
-                "\t\t[bold]You have not yet downloaded any indicators, check "
+            "\t\t[bold]You have not yet downloaded any indicators, check "
-                "the `download-iocs` command![/bold]"
+            "the `download-iocs` command![/bold]"
-            )
+        )
-            return
+        return
 
-        # We only perform this check at a fixed frequency, in order to not
+    # We only perform this check at a fixed frequency, in order to not
-        # overburden the user with too many lookups if the command is being run
+    # overburden the user with too many lookups if the command is being run
-        # multiple times.
+    # multiple times.
-        should_check, hours = ioc_updates.should_check()
+    should_check, hours = ioc_updates.should_check()
-        if not should_check:
+    if not should_check:
-            rich_print(
+        rich_print(
-                f"\t\tIndicators updates checked recently, next automatic check "
+            f"\t\tIndicators updates checked recently, next automatic check "
-                f"in {int(hours)} hours"
+            f"in {int(hours)} hours"
-            )
+        )
-            return
+        return
 
-        try:
+    try:
-            ioc_to_update = ioc_updates.check()
+        ioc_to_update = ioc_updates.check()
-        except (requests.exceptions.ConnectionError, requests.exceptions.Timeout):
+    except (requests.exceptions.ConnectionError, requests.exceptions.Timeout):
+        rich_print(
+            "\t\t[bold]Note: Could not check for indicator updates.[/bold] "
+            "You may be working offline. Please update MVT indicators regularly."
+        )
+    except Exception as e:
+        log.error("Error encountered when trying to check latest MVT indicators: %s", e)
+    else:
+        if ioc_to_update:
             rich_print(
-                "\t\t[bold]Note: Could not check for indicator updates.[/bold] "
+                "\t\t[bold]There are updates to your indicators files! "
-                "You may be working offline. Please update MVT indicators regularly."
+                "Run the `download-iocs` command to update![/bold]"
-            )
-        except Exception as e:
-            log.error(
-                "Error encountered when trying to check latest MVT indicators: %s", e
             )
         else:
-            if ioc_to_update:
+            rich_print("\t\tYour indicators files seem to be up to date.")
-                rich_print(
-                    "\t\t[bold]There are updates to your indicators files! "
-                    "Run the `download-iocs` command to update![/bold]"
-                )
-            else:
-                rich_print("\t\tYour indicators files seem to be up to date.")
 
 
-def logo(
+def logo() -> None:
-    disable_version_check: bool = False, disable_indicator_check: bool = False
-) -> None:
     rich_print("\n")
     rich_print("\t[bold]MVT[/bold] - Mobile Verification Toolkit")
     rich_print("\t\thttps://mvt.re")
     rich_print(f"\t\tVersion: {MVT_VERSION}")
 
-    check_updates(disable_version_check, disable_indicator_check)
+    check_updates()
 
     rich_print("\n")

src/mvt/common/updates.py

@@ -24,11 +24,7 @@ INDICATORS_CHECK_FREQUENCY = 12
 
 class MVTUpdates:
     def check(self) -> str:
-        try:
+        res = requests.get(settings.PYPI_UPDATE_URL, timeout=15)
-            res = requests.get(settings.PYPI_UPDATE_URL, timeout=5)
-        except requests.exceptions.RequestException as e:
-            log.error("Failed to check for updates, skipping updates: %s", e)
-            return ""
         data = res.json()
         latest_version = data.get("info", {}).get("version", "")
 
@@ -97,12 +93,7 @@ class IndicatorsUpdates:
         url = self.github_raw_url.format(
             self.index_owner, self.index_repo, self.index_branch, self.index_path
         )
-        try:
+        res = requests.get(url, timeout=15)
-            res = requests.get(url, timeout=5)
-        except requests.exceptions.RequestException as e:
-            log.error("Failed to retrieve indicators index from %s: %s", url, e)
-            return None
-
         if res.status_code != 200:
             log.error(
                 "Failed to retrieve indicators index located at %s (error %d)",
@@ -114,12 +105,7 @@ class IndicatorsUpdates:
         return yaml.safe_load(res.content)
 
     def download_remote_ioc(self, ioc_url: str) -> Optional[str]:
-        try:
+        res = requests.get(ioc_url, timeout=15)
-            res = requests.get(ioc_url, timeout=15)
-        except requests.exceptions.RequestException as e:
-            log.error("Failed to download indicators file from %s: %s", ioc_url, e)
-            return None
-
         if res.status_code != 200:
             log.error(
                 "Failed to download indicators file from %s (error %d)",
@@ -185,12 +171,7 @@ class IndicatorsUpdates:
         file_commit_url = (
             f"https://api.github.com/repos/{owner}/{repo}/commits?path={path}"
         )
-        try:
+        res = requests.get(file_commit_url, timeout=15)
-            res = requests.get(file_commit_url, timeout=5)
-        except requests.exceptions.RequestException as e:
-            log.error("Failed to get details about file %s: %s", file_commit_url, e)
-            return -1
-
         if res.status_code != 200:
             log.error(
                 "Failed to get details about file %s (error %d)",

src/mvt/ios/cli.py

@@ -37,8 +37,6 @@ from mvt.common.help import (
     HELP_MSG_CHECK_IOCS,
     HELP_MSG_STIX2,
     HELP_MSG_CHECK_IOS_BACKUP,
-    HELP_MSG_DISABLE_UPDATE_CHECK,
-    HELP_MSG_DISABLE_INDICATOR_UPDATE_CHECK,
 )
 from .cmd_check_backup import CmdIOSCheckBackup
 from .cmd_check_fs import CmdIOSCheckFS
@@ -55,37 +53,12 @@ MVT_IOS_BACKUP_PASSWORD = "MVT_IOS_BACKUP_PASSWORD"
 CONTEXT_SETTINGS = dict(help_option_names=["-h", "--help"])
 
 
-def _get_disable_flags(ctx):
-    """Helper function to safely get disable flags from context."""
-    if ctx.obj is None:
-        return False, False
-    return (
-        ctx.obj.get("disable_version_check", False),
-        ctx.obj.get("disable_indicator_check", False),
-    )
-
-
 # ==============================================================================
 # Main
 # ==============================================================================
 @click.group(invoke_without_command=False)
-@click.option(
+def cli():
-    "--disable-update-check", is_flag=True, help=HELP_MSG_DISABLE_UPDATE_CHECK
+    logo()
-)
-@click.option(
-    "--disable-indicator-update-check",
-    is_flag=True,
-    help=HELP_MSG_DISABLE_INDICATOR_UPDATE_CHECK,
-)
-@click.pass_context
-def cli(ctx, disable_update_check, disable_indicator_update_check):
-    ctx.ensure_object(dict)
-    ctx.obj["disable_version_check"] = disable_update_check
-    ctx.obj["disable_indicator_check"] = disable_indicator_update_check
-    logo(
-        disable_version_check=disable_update_check,
-        disable_indicator_check=disable_indicator_update_check,
-    )
 
 
 # ==============================================================================
@@ -246,8 +219,6 @@ def check_backup(
         module_name=module,
         module_options=module_options,
         hashes=hashes,
-        disable_version_check=_get_disable_flags(ctx)[0],
-        disable_indicator_check=_get_disable_flags(ctx)[1],
     )
 
     if list_modules:
@@ -295,8 +266,6 @@ def check_fs(ctx, iocs, output, fast, list_modules, module, hashes, verbose, dum
         module_name=module,
         module_options=module_options,
         hashes=hashes,
-        disable_version_check=_get_disable_flags(ctx)[0],
-        disable_indicator_check=_get_disable_flags(ctx)[1],
     )
 
     if list_modules:
@@ -331,13 +300,7 @@ def check_fs(ctx, iocs, output, fast, list_modules, module, hashes, verbose, dum
 @click.argument("FOLDER", type=click.Path(exists=True))
 @click.pass_context
 def check_iocs(ctx, iocs, list_modules, module, folder):
-    cmd = CmdCheckIOCS(
+    cmd = CmdCheckIOCS(target_path=folder, ioc_files=iocs, module_name=module)
-        target_path=folder,
-        ioc_files=iocs,
-        module_name=module,
-        disable_version_check=_get_disable_flags(ctx)[0],
-        disable_indicator_check=_get_disable_flags(ctx)[1],
-    )
     cmd.modules = BACKUP_MODULES + FS_MODULES + MIXED_MODULES
 
     if list_modules:

src/mvt/ios/cmd_check_backup.py

@@ -24,8 +24,6 @@ class CmdIOSCheckBackup(Command):
         serial: Optional[str] = None,
         module_options: Optional[dict] = None,
         hashes: bool = False,
-        disable_version_check: bool = False,
-        disable_indicator_check: bool = False,
     ) -> None:
         super().__init__(
             target_path=target_path,
@@ -36,8 +34,6 @@ class CmdIOSCheckBackup(Command):
             module_options=module_options,
             hashes=hashes,
             log=log,
-            disable_version_check=disable_version_check,
-            disable_indicator_check=disable_indicator_check,
         )
 
         self.name = "check-backup"

src/mvt/ios/cmd_check_fs.py

@@ -24,19 +24,16 @@ class CmdIOSCheckFS(Command):
         serial: Optional[str] = None,
         module_options: Optional[dict] = None,
         hashes: bool = False,
-        disable_version_check: bool = False,
-        disable_indicator_check: bool = False,
     ) -> None:
         super().__init__(
             target_path=target_path,
             results_path=results_path,
             ioc_files=ioc_files,
             module_name=module_name,
+            serial=serial,
             module_options=module_options,
             hashes=hashes,
             log=log,
-            disable_version_check=disable_version_check,
-            disable_indicator_check=disable_indicator_check,
         )
 
         self.name = "check-fs"