#!/usr/bin/python3
''' This Script encrypt Wireguardfiles for Wirepy users for more Security'''

import os
from subprocess import check_call
from pathlib import Path
import shutil

uname = Path('/tmp/.loguser')

with open(uname, 'r') as f:
    logname = f.readline()

keyfile = Path(f'/home/{logname}/.config/wire_py/pbwgk.pem')
dirname = Path('/tmp/tlecdcwg/')
pkeyfile = '/usr/local/etc/ssl/pwgk.pem'

if not keyfile.is_file():
    
    check_call(['openssl', 'rsa', '-in', pkeyfile, '-out', keyfile, '-outform', 'PEM', '-pubout'])        
    shutil.chown(keyfile, 1000, 1000)
    
    if dirname.exists():
        tl = os.listdir(str(dirname))
        cpth = str(keyfile)
        cryptfiles = cpth[:-9]

        if keyfile.exists() and len(tl) != 0:
            for tunnels in tl:
                sourcetl = str(dirname) + '/' + tunnels
                tlname = cryptfiles + tunnels[:-5] + '.dat'
                check_call(['openssl', 'pkeyutl', '-encrypt', '-inkey', keyfile, '-pubin', '-in', sourcetl, '-out', tlname])

else:

    if dirname.exists():
        tl = os.listdir(str(dirname))
        cpth = str(keyfile)
        cryptfiles = cpth[:-9]

        if keyfile.exists() and len(tl) != 0:
            for tunnels in tl:
                sourcetl = str(dirname) + '/' + tunnels
                tlname = cryptfiles + tunnels[:-5] + '.dat'
                check_call(['openssl', 'pkeyutl', '-encrypt', '-inkey', keyfile, '-pubin', '-in', sourcetl, '-out', tlname])