#!/usr/bin/python3
""" This Script decrypt Wireguard files for Wirepy users """

import os
import shutil
from pathlib import Path
from subprocess import check_call
from wp_app_config import AppConfig

uname: Path = Path("/tmp/.log_user")

log_name = Path(uname).read_text(encoding="utf-8")

keyfile: Path = Path(f"/home/{log_name}/.config/wire_py/pbwgk.pem")

# PKEYFILE: Path = "/usr/local/etc/ssl/pwgk.pem"

if not keyfile.is_file():

    check_call(
        [
            "openssl",
            "rsa",
            "-in",
            AppConfig.SYSTEM_PATHS["pkey_path"],
            "-out",
            keyfile,
            "-outform",
            "PEM",
            "-pubout",
        ]
    )
    shutil.chown(keyfile, 1000, 1000)

AppConfig.TEMP_DIR2 = f"/home/{log_name}/.config/wire_py/"
detl: list[str] = os.listdir(AppConfig.TEMP_DIR2)
os.chdir(AppConfig.TEMP_DIR2)
detl.remove("keys")
detl.remove("settings")
if os.path.exists(f"{AppConfig.TEMP_DIR2}pbwgk.pem"):
    detl.remove("pbwgk.pem")
    for detunnels in detl:
        tlname2 = f"{detunnels[:-4]}.conf"
        extpath = f"{AppConfig.TEMP_DIR}/{tlname2}"
        check_call(
            [
                "openssl",
                "pkeyutl",
                "-decrypt",
                "-inkey",
                AppConfig.SYSTEM_PATHS["pkey_path"],
                "-in",
                detunnels,
                "-out",
                extpath,
            ]
        )
        shutil.chown(extpath, 1000, 1000)