#!/usr/bin/python3
""" This Script decrypt Wireguardfiles for Wirepy users """

import os
import shutil
from pathlib import Path
from subprocess import check_call

uname = Path("/tmp/.loguser")

with open(uname, "r", encoding="utf-8") as f:
    logname = f.readline()

# Dirname "tlecdewg" = Tunnel Encrypt Decrypt Wireguard
dirname = Path("/tmp/tlecdcwg/")
keyfile = Path(f"/home/{logname}/.config/wire_py/pbwgk.pem")
PKEYFILE = "/usr/local/etc/ssl/pwgk.pem"

if not keyfile.is_file():

    check_call(
        [
            "openssl",
            "rsa",
            "-in",
            PKEYFILE,
            "-out",
            keyfile,
            "-outform",
            "PEM",
            "-pubout",
        ]
    )
    shutil.chown(keyfile, 1000, 1000)

dirname2 = "/home/" + logname + "/.config/wire_py/"
detl = os.listdir(dirname2)
os.chdir(dirname2)
detl.remove("keys")
detl.remove("settings")
if os.path.exists(dirname2 + "pbwgk.pem"):
    detl.remove("pbwgk.pem")
    for detunnels in detl:
        tlname2 = detunnels[:-4] + ".conf"
        extpath = str(dirname) + "/" + tlname2
        check_call(
            [
                "openssl",
                "pkeyutl",
                "-decrypt",
                "-inkey",
                PKEYFILE,
                "-in",
                detunnels,
                "-out",
                extpath,
            ]
        )
        shutil.chown(extpath, 1000, 1000)