#!/usr/bin/python3
""" This Script encrypt Wireguardfiles for Wirepy users for more Security """

import os
import shutil
from pathlib import Path
from subprocess import check_call

uname: Path = Path("/tmp/.log_user")

log_name = Path(uname).read_text(encoding="utf-8")

keyfile: Path = Path(f"/home/{log_name}/.config/wire_py/pbwgk.pem")
folder_path: Path = Path("/tmp/tlecdcwg/")
PKEYFILE = "/usr/local/etc/ssl/pwgk.pem"

if not keyfile.is_file():

    check_call(["openssl", "rsa", "-in", PKEYFILE, "-out", keyfile, "-outform", "PEM", "-pubout"])
    shutil.chown(keyfile, 1000, 1000)

    if folder_path.exists():
        tl = os.listdir(f"{folder_path}")
        CPTH: str = f"{keyfile}"
        CRYPTFILES: str = CPTH[:-9]

        if keyfile.exists() and len(tl) != 0:
            for tunnels in tl:
                sourcetl: str = f"{folder_path}/{tunnels}"
                tlname: str = f"{CRYPTFILES}{tunnels[:-5]}.dat"
                check_call(["openssl", "pkeyutl", "-encrypt", "-inkey", keyfile, "-pubin", "-in", sourcetl, "-out",
                            tlname,])

else:

    if folder_path.exists():
        tl: list[str] = os.listdir(f"{folder_path}")
        CPTH: str = f"{keyfile}"
        CRYPTFILES: str = CPTH[:-9]

        if keyfile.exists() and len(tl) != 0:
            for tunnels in tl:
                sourcetl: str = f"{folder_path}/{tunnels}"
                tlname: str = f"{CRYPTFILES}{tunnels[:-5]}.dat"
                check_call(["openssl", "pkeyutl", "-encrypt", "-inkey", keyfile, "-pubin", "-in", sourcetl, "-out",
                            tlname])