{-# LANGUAGE TypeApplications #-}


-- | Copyright  : Will Thompson, Iñaki García Etxebarria and Jonas Platte
-- License    : LGPL-2.1
-- Maintainer : Iñaki García Etxebarria
-- 
-- A certificate used for TLS authentication and encryption.
-- This can represent either a certificate only (eg, the certificate
-- received by a client from a server), or the combination of
-- a certificate and a private key (which is needed when acting as a
-- t'GI.Gio.Interfaces.TlsServerConnection.TlsServerConnection').
-- 
-- /Since: 2.28/

#if (MIN_VERSION_haskell_gi_overloading(1,0,0) && !defined(__HADDOCK_VERSION__))
#define ENABLE_OVERLOADING
#endif

module GI.Gio.Objects.TlsCertificate
    (

-- * Exported types
    TlsCertificate(..)                      ,
    IsTlsCertificate                        ,
    toTlsCertificate                        ,
    noTlsCertificate                        ,


 -- * Methods
-- ** Overloaded methods #method:Overloaded methods#

#if defined(ENABLE_OVERLOADING)
    ResolveTlsCertificateMethod             ,
#endif


-- ** getIssuer #method:getIssuer#

#if defined(ENABLE_OVERLOADING)
    TlsCertificateGetIssuerMethodInfo       ,
#endif
    tlsCertificateGetIssuer                 ,


-- ** isSame #method:isSame#

#if defined(ENABLE_OVERLOADING)
    TlsCertificateIsSameMethodInfo          ,
#endif
    tlsCertificateIsSame                    ,


-- ** listNewFromFile #method:listNewFromFile#

    tlsCertificateListNewFromFile           ,


-- ** newFromFile #method:newFromFile#

    tlsCertificateNewFromFile               ,


-- ** newFromFiles #method:newFromFiles#

    tlsCertificateNewFromFiles              ,


-- ** newFromPem #method:newFromPem#

    tlsCertificateNewFromPem                ,


-- ** newFromPkcs11Uris #method:newFromPkcs11Uris#

    tlsCertificateNewFromPkcs11Uris         ,


-- ** verify #method:verify#

#if defined(ENABLE_OVERLOADING)
    TlsCertificateVerifyMethodInfo          ,
#endif
    tlsCertificateVerify                    ,




 -- * Properties
-- ** certificate #attr:certificate#
-- | The DER (binary) encoded representation of the certificate.
-- This property and the t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/certificate-pem/@ property
-- represent the same data, just in different forms.
-- 
-- /Since: 2.28/

#if defined(ENABLE_OVERLOADING)
    TlsCertificateCertificatePropertyInfo   ,
#endif
    constructTlsCertificateCertificate      ,
    getTlsCertificateCertificate            ,
#if defined(ENABLE_OVERLOADING)
    tlsCertificateCertificate               ,
#endif


-- ** certificatePem #attr:certificatePem#
-- | The PEM (ASCII) encoded representation of the certificate.
-- This property and the t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/certificate/@
-- property represent the same data, just in different forms.
-- 
-- /Since: 2.28/

#if defined(ENABLE_OVERLOADING)
    TlsCertificateCertificatePemPropertyInfo,
#endif
    constructTlsCertificateCertificatePem   ,
    getTlsCertificateCertificatePem         ,
#if defined(ENABLE_OVERLOADING)
    tlsCertificateCertificatePem            ,
#endif


-- ** issuer #attr:issuer#
-- | A t'GI.Gio.Objects.TlsCertificate.TlsCertificate' representing the entity that issued this
-- certificate. If 'P.Nothing', this means that the certificate is either
-- self-signed, or else the certificate of the issuer is not
-- available.
-- 
-- /Since: 2.28/

#if defined(ENABLE_OVERLOADING)
    TlsCertificateIssuerPropertyInfo        ,
#endif
    constructTlsCertificateIssuer           ,
    getTlsCertificateIssuer                 ,
#if defined(ENABLE_OVERLOADING)
    tlsCertificateIssuer                    ,
#endif


-- ** pkcs11Uri #attr:pkcs11Uri#
-- | A URI referencing the PKCS #11 objects containing an X.509 certificate
-- and optionally a private key.
-- 
-- If 'P.Nothing' the certificate is either not backed by PKCS #11 or the
-- t'GI.Gio.Interfaces.TlsBackend.TlsBackend' does not support PKCS #11.
-- 
-- /Since: 2.64/

#if defined(ENABLE_OVERLOADING)
    TlsCertificatePkcs11UriPropertyInfo     ,
#endif
    constructTlsCertificatePkcs11Uri        ,
    getTlsCertificatePkcs11Uri              ,
#if defined(ENABLE_OVERLOADING)
    tlsCertificatePkcs11Uri                 ,
#endif


-- ** privateKey #attr:privateKey#
-- | The DER (binary) encoded representation of the certificate\'s
-- private key, in either PKCS@/1/@ format or unencrypted PKCS@/8/@
-- format. This property (or the t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/private-key-pem/@
-- property) can be set when constructing a key (eg, from a file),
-- but cannot be read.
-- 
-- PKCS@/8/@ format is supported since 2.32; earlier releases only
-- support PKCS@/1/@. You can use the @openssl rsa@
-- tool to convert PKCS@/8/@ keys to PKCS@/1/@.
-- 
-- /Since: 2.28/

#if defined(ENABLE_OVERLOADING)
    TlsCertificatePrivateKeyPropertyInfo    ,
#endif
    constructTlsCertificatePrivateKey       ,
#if defined(ENABLE_OVERLOADING)
    tlsCertificatePrivateKey                ,
#endif


-- ** privateKeyPem #attr:privateKeyPem#
-- | The PEM (ASCII) encoded representation of the certificate\'s
-- private key in either PKCS@/1/@ format (\"@BEGIN RSA PRIVATE
-- KEY@\") or unencrypted PKCS@/8/@ format (\"@BEGIN
-- PRIVATE KEY@\"). This property (or the
-- t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/private-key/@ property) can be set when
-- constructing a key (eg, from a file), but cannot be read.
-- 
-- PKCS@/8/@ format is supported since 2.32; earlier releases only
-- support PKCS@/1/@. You can use the @openssl rsa@
-- tool to convert PKCS@/8/@ keys to PKCS@/1/@.
-- 
-- /Since: 2.28/

#if defined(ENABLE_OVERLOADING)
    TlsCertificatePrivateKeyPemPropertyInfo ,
#endif
    constructTlsCertificatePrivateKeyPem    ,
#if defined(ENABLE_OVERLOADING)
    tlsCertificatePrivateKeyPem             ,
#endif


-- ** privateKeyPkcs11Uri #attr:privateKeyPkcs11Uri#
-- | A URI referencing a PKCS #11 object containing a private key.
-- 
-- /Since: 2.64/

#if defined(ENABLE_OVERLOADING)
    TlsCertificatePrivateKeyPkcs11UriPropertyInfo,
#endif
    constructTlsCertificatePrivateKeyPkcs11Uri,
    getTlsCertificatePrivateKeyPkcs11Uri    ,
#if defined(ENABLE_OVERLOADING)
    tlsCertificatePrivateKeyPkcs11Uri       ,
#endif




    ) where

import Data.GI.Base.ShortPrelude
import qualified Data.GI.Base.ShortPrelude as SP
import qualified Data.GI.Base.Overloading as O
import qualified Prelude as P

import qualified Data.GI.Base.Attributes as GI.Attributes
import qualified Data.GI.Base.ManagedPtr as B.ManagedPtr
import qualified Data.GI.Base.GClosure as B.GClosure
import qualified Data.GI.Base.GError as B.GError
import qualified Data.GI.Base.GVariant as B.GVariant
import qualified Data.GI.Base.GValue as B.GValue
import qualified Data.GI.Base.GParamSpec as B.GParamSpec
import qualified Data.GI.Base.CallStack as B.CallStack
import qualified Data.GI.Base.Properties as B.Properties
import qualified Data.GI.Base.Signals as B.Signals
import qualified Data.Text as T
import qualified Data.ByteString.Char8 as B
import qualified Data.Map as Map
import qualified Foreign.Ptr as FP
import qualified GHC.OverloadedLabels as OL

import qualified GI.GObject.Objects.Object as GObject.Object
import {-# SOURCE #-} qualified GI.Gio.Flags as Gio.Flags
import {-# SOURCE #-} qualified GI.Gio.Interfaces.SocketConnectable as Gio.SocketConnectable

-- | Memory-managed wrapper type.
newtype TlsCertificate = TlsCertificate (ManagedPtr TlsCertificate)
    deriving (Eq)
foreign import ccall "g_tls_certificate_get_type"
    c_g_tls_certificate_get_type :: IO GType

instance GObject TlsCertificate where
    gobjectType = c_g_tls_certificate_get_type


-- | Convert 'TlsCertificate' to and from 'Data.GI.Base.GValue.GValue' with 'Data.GI.Base.GValue.toGValue' and 'Data.GI.Base.GValue.fromGValue'.
instance B.GValue.IsGValue TlsCertificate where
    toGValue o = do
        gtype <- c_g_tls_certificate_get_type
        B.ManagedPtr.withManagedPtr o (B.GValue.buildGValue gtype B.GValue.set_object)

    fromGValue gv = do
        ptr <- B.GValue.get_object gv :: IO (Ptr TlsCertificate)
        B.ManagedPtr.newObject TlsCertificate ptr



-- | Type class for types which can be safely cast to `TlsCertificate`, for instance with `toTlsCertificate`.
class (GObject o, O.IsDescendantOf TlsCertificate o) => IsTlsCertificate o
instance (GObject o, O.IsDescendantOf TlsCertificate o) => IsTlsCertificate o

instance O.HasParentTypes TlsCertificate
type instance O.ParentTypes TlsCertificate = '[GObject.Object.Object]

-- | Cast to `TlsCertificate`, for types for which this is known to be safe. For general casts, use `Data.GI.Base.ManagedPtr.castTo`.
toTlsCertificate :: (MonadIO m, IsTlsCertificate o) => o -> m TlsCertificate
toTlsCertificate = liftIO . unsafeCastTo TlsCertificate

-- | A convenience alias for `Nothing` :: `Maybe` `TlsCertificate`.
noTlsCertificate :: Maybe TlsCertificate
noTlsCertificate = Nothing

#if defined(ENABLE_OVERLOADING)
type family ResolveTlsCertificateMethod (t :: Symbol) (o :: *) :: * where
    ResolveTlsCertificateMethod "bindProperty" o = GObject.Object.ObjectBindPropertyMethodInfo
    ResolveTlsCertificateMethod "bindPropertyFull" o = GObject.Object.ObjectBindPropertyFullMethodInfo
    ResolveTlsCertificateMethod "forceFloating" o = GObject.Object.ObjectForceFloatingMethodInfo
    ResolveTlsCertificateMethod "freezeNotify" o = GObject.Object.ObjectFreezeNotifyMethodInfo
    ResolveTlsCertificateMethod "getv" o = GObject.Object.ObjectGetvMethodInfo
    ResolveTlsCertificateMethod "isFloating" o = GObject.Object.ObjectIsFloatingMethodInfo
    ResolveTlsCertificateMethod "isSame" o = TlsCertificateIsSameMethodInfo
    ResolveTlsCertificateMethod "notify" o = GObject.Object.ObjectNotifyMethodInfo
    ResolveTlsCertificateMethod "notifyByPspec" o = GObject.Object.ObjectNotifyByPspecMethodInfo
    ResolveTlsCertificateMethod "ref" o = GObject.Object.ObjectRefMethodInfo
    ResolveTlsCertificateMethod "refSink" o = GObject.Object.ObjectRefSinkMethodInfo
    ResolveTlsCertificateMethod "runDispose" o = GObject.Object.ObjectRunDisposeMethodInfo
    ResolveTlsCertificateMethod "stealData" o = GObject.Object.ObjectStealDataMethodInfo
    ResolveTlsCertificateMethod "stealQdata" o = GObject.Object.ObjectStealQdataMethodInfo
    ResolveTlsCertificateMethod "thawNotify" o = GObject.Object.ObjectThawNotifyMethodInfo
    ResolveTlsCertificateMethod "unref" o = GObject.Object.ObjectUnrefMethodInfo
    ResolveTlsCertificateMethod "verify" o = TlsCertificateVerifyMethodInfo
    ResolveTlsCertificateMethod "watchClosure" o = GObject.Object.ObjectWatchClosureMethodInfo
    ResolveTlsCertificateMethod "getData" o = GObject.Object.ObjectGetDataMethodInfo
    ResolveTlsCertificateMethod "getIssuer" o = TlsCertificateGetIssuerMethodInfo
    ResolveTlsCertificateMethod "getProperty" o = GObject.Object.ObjectGetPropertyMethodInfo
    ResolveTlsCertificateMethod "getQdata" o = GObject.Object.ObjectGetQdataMethodInfo
    ResolveTlsCertificateMethod "setData" o = GObject.Object.ObjectSetDataMethodInfo
    ResolveTlsCertificateMethod "setDataFull" o = GObject.Object.ObjectSetDataFullMethodInfo
    ResolveTlsCertificateMethod "setProperty" o = GObject.Object.ObjectSetPropertyMethodInfo
    ResolveTlsCertificateMethod l o = O.MethodResolutionFailed l o

instance (info ~ ResolveTlsCertificateMethod t TlsCertificate, O.MethodInfo info TlsCertificate p) => OL.IsLabel t (TlsCertificate -> p) where
#if MIN_VERSION_base(4,10,0)
    fromLabel = O.overloadedMethod @info
#else
    fromLabel _ = O.overloadedMethod @info
#endif

#endif

-- VVV Prop "certificate"
   -- Type: TByteArray
   -- Flags: [PropertyReadable,PropertyWritable,PropertyConstructOnly]
   -- Nullable: (Nothing,Nothing)

-- | Get the value of the “@certificate@” property.
-- When <https://github.com/haskell-gi/haskell-gi/wiki/Overloading overloading> is enabled, this is equivalent to
-- 
-- @
-- 'Data.GI.Base.Attributes.get' tlsCertificate #certificate
-- @
getTlsCertificateCertificate :: (MonadIO m, IsTlsCertificate o) => o -> m (Maybe ByteString)
getTlsCertificateCertificate obj = liftIO $ B.Properties.getObjectPropertyByteArray obj "certificate"

-- | Construct a `GValueConstruct` with valid value for the “@certificate@” property. This is rarely needed directly, but it is used by `Data.GI.Base.Constructible.new`.
constructTlsCertificateCertificate :: (IsTlsCertificate o) => ByteString -> IO (GValueConstruct o)
constructTlsCertificateCertificate val = B.Properties.constructObjectPropertyByteArray "certificate" (Just val)

#if defined(ENABLE_OVERLOADING)
data TlsCertificateCertificatePropertyInfo
instance AttrInfo TlsCertificateCertificatePropertyInfo where
    type AttrAllowedOps TlsCertificateCertificatePropertyInfo = '[ 'AttrConstruct, 'AttrGet, 'AttrClear]
    type AttrBaseTypeConstraint TlsCertificateCertificatePropertyInfo = IsTlsCertificate
    type AttrSetTypeConstraint TlsCertificateCertificatePropertyInfo = (~) ByteString
    type AttrTransferTypeConstraint TlsCertificateCertificatePropertyInfo = (~) ByteString
    type AttrTransferType TlsCertificateCertificatePropertyInfo = ByteString
    type AttrGetType TlsCertificateCertificatePropertyInfo = (Maybe ByteString)
    type AttrLabel TlsCertificateCertificatePropertyInfo = "certificate"
    type AttrOrigin TlsCertificateCertificatePropertyInfo = TlsCertificate
    attrGet = getTlsCertificateCertificate
    attrSet = undefined
    attrTransfer _ v = do
        return v
    attrConstruct = constructTlsCertificateCertificate
    attrClear = undefined
#endif

-- VVV Prop "certificate-pem"
   -- Type: TBasicType TUTF8
   -- Flags: [PropertyReadable,PropertyWritable,PropertyConstructOnly]
   -- Nullable: (Nothing,Nothing)

-- | Get the value of the “@certificate-pem@” property.
-- When <https://github.com/haskell-gi/haskell-gi/wiki/Overloading overloading> is enabled, this is equivalent to
-- 
-- @
-- 'Data.GI.Base.Attributes.get' tlsCertificate #certificatePem
-- @
getTlsCertificateCertificatePem :: (MonadIO m, IsTlsCertificate o) => o -> m (Maybe T.Text)
getTlsCertificateCertificatePem obj = liftIO $ B.Properties.getObjectPropertyString obj "certificate-pem"

-- | Construct a `GValueConstruct` with valid value for the “@certificate-pem@” property. This is rarely needed directly, but it is used by `Data.GI.Base.Constructible.new`.
constructTlsCertificateCertificatePem :: (IsTlsCertificate o) => T.Text -> IO (GValueConstruct o)
constructTlsCertificateCertificatePem val = B.Properties.constructObjectPropertyString "certificate-pem" (Just val)

#if defined(ENABLE_OVERLOADING)
data TlsCertificateCertificatePemPropertyInfo
instance AttrInfo TlsCertificateCertificatePemPropertyInfo where
    type AttrAllowedOps TlsCertificateCertificatePemPropertyInfo = '[ 'AttrConstruct, 'AttrGet, 'AttrClear]
    type AttrBaseTypeConstraint TlsCertificateCertificatePemPropertyInfo = IsTlsCertificate
    type AttrSetTypeConstraint TlsCertificateCertificatePemPropertyInfo = (~) T.Text
    type AttrTransferTypeConstraint TlsCertificateCertificatePemPropertyInfo = (~) T.Text
    type AttrTransferType TlsCertificateCertificatePemPropertyInfo = T.Text
    type AttrGetType TlsCertificateCertificatePemPropertyInfo = (Maybe T.Text)
    type AttrLabel TlsCertificateCertificatePemPropertyInfo = "certificate-pem"
    type AttrOrigin TlsCertificateCertificatePemPropertyInfo = TlsCertificate
    attrGet = getTlsCertificateCertificatePem
    attrSet = undefined
    attrTransfer _ v = do
        return v
    attrConstruct = constructTlsCertificateCertificatePem
    attrClear = undefined
#endif

-- VVV Prop "issuer"
   -- Type: TInterface (Name {namespace = "Gio", name = "TlsCertificate"})
   -- Flags: [PropertyReadable,PropertyWritable,PropertyConstructOnly]
   -- Nullable: (Just False,Nothing)

-- | Get the value of the “@issuer@” property.
-- When <https://github.com/haskell-gi/haskell-gi/wiki/Overloading overloading> is enabled, this is equivalent to
-- 
-- @
-- 'Data.GI.Base.Attributes.get' tlsCertificate #issuer
-- @
getTlsCertificateIssuer :: (MonadIO m, IsTlsCertificate o) => o -> m TlsCertificate
getTlsCertificateIssuer obj = liftIO $ checkUnexpectedNothing "getTlsCertificateIssuer" $ B.Properties.getObjectPropertyObject obj "issuer" TlsCertificate

-- | Construct a `GValueConstruct` with valid value for the “@issuer@” property. This is rarely needed directly, but it is used by `Data.GI.Base.Constructible.new`.
constructTlsCertificateIssuer :: (IsTlsCertificate o, IsTlsCertificate a) => a -> IO (GValueConstruct o)
constructTlsCertificateIssuer val = B.Properties.constructObjectPropertyObject "issuer" (Just val)

#if defined(ENABLE_OVERLOADING)
data TlsCertificateIssuerPropertyInfo
instance AttrInfo TlsCertificateIssuerPropertyInfo where
    type AttrAllowedOps TlsCertificateIssuerPropertyInfo = '[ 'AttrConstruct, 'AttrGet, 'AttrClear]
    type AttrBaseTypeConstraint TlsCertificateIssuerPropertyInfo = IsTlsCertificate
    type AttrSetTypeConstraint TlsCertificateIssuerPropertyInfo = IsTlsCertificate
    type AttrTransferTypeConstraint TlsCertificateIssuerPropertyInfo = IsTlsCertificate
    type AttrTransferType TlsCertificateIssuerPropertyInfo = TlsCertificate
    type AttrGetType TlsCertificateIssuerPropertyInfo = TlsCertificate
    type AttrLabel TlsCertificateIssuerPropertyInfo = "issuer"
    type AttrOrigin TlsCertificateIssuerPropertyInfo = TlsCertificate
    attrGet = getTlsCertificateIssuer
    attrSet = undefined
    attrTransfer _ v = do
        unsafeCastTo TlsCertificate v
    attrConstruct = constructTlsCertificateIssuer
    attrClear = undefined
#endif

-- VVV Prop "pkcs11-uri"
   -- Type: TBasicType TUTF8
   -- Flags: [PropertyReadable,PropertyWritable,PropertyConstructOnly]
   -- Nullable: (Nothing,Nothing)

-- | Get the value of the “@pkcs11-uri@” property.
-- When <https://github.com/haskell-gi/haskell-gi/wiki/Overloading overloading> is enabled, this is equivalent to
-- 
-- @
-- 'Data.GI.Base.Attributes.get' tlsCertificate #pkcs11Uri
-- @
getTlsCertificatePkcs11Uri :: (MonadIO m, IsTlsCertificate o) => o -> m (Maybe T.Text)
getTlsCertificatePkcs11Uri obj = liftIO $ B.Properties.getObjectPropertyString obj "pkcs11-uri"

-- | Construct a `GValueConstruct` with valid value for the “@pkcs11-uri@” property. This is rarely needed directly, but it is used by `Data.GI.Base.Constructible.new`.
constructTlsCertificatePkcs11Uri :: (IsTlsCertificate o) => T.Text -> IO (GValueConstruct o)
constructTlsCertificatePkcs11Uri val = B.Properties.constructObjectPropertyString "pkcs11-uri" (Just val)

#if defined(ENABLE_OVERLOADING)
data TlsCertificatePkcs11UriPropertyInfo
instance AttrInfo TlsCertificatePkcs11UriPropertyInfo where
    type AttrAllowedOps TlsCertificatePkcs11UriPropertyInfo = '[ 'AttrConstruct, 'AttrGet, 'AttrClear]
    type AttrBaseTypeConstraint TlsCertificatePkcs11UriPropertyInfo = IsTlsCertificate
    type AttrSetTypeConstraint TlsCertificatePkcs11UriPropertyInfo = (~) T.Text
    type AttrTransferTypeConstraint TlsCertificatePkcs11UriPropertyInfo = (~) T.Text
    type AttrTransferType TlsCertificatePkcs11UriPropertyInfo = T.Text
    type AttrGetType TlsCertificatePkcs11UriPropertyInfo = (Maybe T.Text)
    type AttrLabel TlsCertificatePkcs11UriPropertyInfo = "pkcs11-uri"
    type AttrOrigin TlsCertificatePkcs11UriPropertyInfo = TlsCertificate
    attrGet = getTlsCertificatePkcs11Uri
    attrSet = undefined
    attrTransfer _ v = do
        return v
    attrConstruct = constructTlsCertificatePkcs11Uri
    attrClear = undefined
#endif

-- VVV Prop "private-key"
   -- Type: TByteArray
   -- Flags: [PropertyWritable,PropertyConstructOnly]
   -- Nullable: (Nothing,Nothing)

-- | Construct a `GValueConstruct` with valid value for the “@private-key@” property. This is rarely needed directly, but it is used by `Data.GI.Base.Constructible.new`.
constructTlsCertificatePrivateKey :: (IsTlsCertificate o) => ByteString -> IO (GValueConstruct o)
constructTlsCertificatePrivateKey val = B.Properties.constructObjectPropertyByteArray "private-key" (Just val)

#if defined(ENABLE_OVERLOADING)
data TlsCertificatePrivateKeyPropertyInfo
instance AttrInfo TlsCertificatePrivateKeyPropertyInfo where
    type AttrAllowedOps TlsCertificatePrivateKeyPropertyInfo = '[ 'AttrConstruct, 'AttrClear]
    type AttrBaseTypeConstraint TlsCertificatePrivateKeyPropertyInfo = IsTlsCertificate
    type AttrSetTypeConstraint TlsCertificatePrivateKeyPropertyInfo = (~) ByteString
    type AttrTransferTypeConstraint TlsCertificatePrivateKeyPropertyInfo = (~) ByteString
    type AttrTransferType TlsCertificatePrivateKeyPropertyInfo = ByteString
    type AttrGetType TlsCertificatePrivateKeyPropertyInfo = ()
    type AttrLabel TlsCertificatePrivateKeyPropertyInfo = "private-key"
    type AttrOrigin TlsCertificatePrivateKeyPropertyInfo = TlsCertificate
    attrGet = undefined
    attrSet = undefined
    attrTransfer _ v = do
        return v
    attrConstruct = constructTlsCertificatePrivateKey
    attrClear = undefined
#endif

-- VVV Prop "private-key-pem"
   -- Type: TBasicType TUTF8
   -- Flags: [PropertyWritable,PropertyConstructOnly]
   -- Nullable: (Nothing,Nothing)

-- | Construct a `GValueConstruct` with valid value for the “@private-key-pem@” property. This is rarely needed directly, but it is used by `Data.GI.Base.Constructible.new`.
constructTlsCertificatePrivateKeyPem :: (IsTlsCertificate o) => T.Text -> IO (GValueConstruct o)
constructTlsCertificatePrivateKeyPem val = B.Properties.constructObjectPropertyString "private-key-pem" (Just val)

#if defined(ENABLE_OVERLOADING)
data TlsCertificatePrivateKeyPemPropertyInfo
instance AttrInfo TlsCertificatePrivateKeyPemPropertyInfo where
    type AttrAllowedOps TlsCertificatePrivateKeyPemPropertyInfo = '[ 'AttrConstruct, 'AttrClear]
    type AttrBaseTypeConstraint TlsCertificatePrivateKeyPemPropertyInfo = IsTlsCertificate
    type AttrSetTypeConstraint TlsCertificatePrivateKeyPemPropertyInfo = (~) T.Text
    type AttrTransferTypeConstraint TlsCertificatePrivateKeyPemPropertyInfo = (~) T.Text
    type AttrTransferType TlsCertificatePrivateKeyPemPropertyInfo = T.Text
    type AttrGetType TlsCertificatePrivateKeyPemPropertyInfo = ()
    type AttrLabel TlsCertificatePrivateKeyPemPropertyInfo = "private-key-pem"
    type AttrOrigin TlsCertificatePrivateKeyPemPropertyInfo = TlsCertificate
    attrGet = undefined
    attrSet = undefined
    attrTransfer _ v = do
        return v
    attrConstruct = constructTlsCertificatePrivateKeyPem
    attrClear = undefined
#endif

-- VVV Prop "private-key-pkcs11-uri"
   -- Type: TBasicType TUTF8
   -- Flags: [PropertyReadable,PropertyWritable,PropertyConstructOnly]
   -- Nullable: (Nothing,Nothing)

-- | Get the value of the “@private-key-pkcs11-uri@” property.
-- When <https://github.com/haskell-gi/haskell-gi/wiki/Overloading overloading> is enabled, this is equivalent to
-- 
-- @
-- 'Data.GI.Base.Attributes.get' tlsCertificate #privateKeyPkcs11Uri
-- @
getTlsCertificatePrivateKeyPkcs11Uri :: (MonadIO m, IsTlsCertificate o) => o -> m (Maybe T.Text)
getTlsCertificatePrivateKeyPkcs11Uri obj = liftIO $ B.Properties.getObjectPropertyString obj "private-key-pkcs11-uri"

-- | Construct a `GValueConstruct` with valid value for the “@private-key-pkcs11-uri@” property. This is rarely needed directly, but it is used by `Data.GI.Base.Constructible.new`.
constructTlsCertificatePrivateKeyPkcs11Uri :: (IsTlsCertificate o) => T.Text -> IO (GValueConstruct o)
constructTlsCertificatePrivateKeyPkcs11Uri val = B.Properties.constructObjectPropertyString "private-key-pkcs11-uri" (Just val)

#if defined(ENABLE_OVERLOADING)
data TlsCertificatePrivateKeyPkcs11UriPropertyInfo
instance AttrInfo TlsCertificatePrivateKeyPkcs11UriPropertyInfo where
    type AttrAllowedOps TlsCertificatePrivateKeyPkcs11UriPropertyInfo = '[ 'AttrConstruct, 'AttrGet, 'AttrClear]
    type AttrBaseTypeConstraint TlsCertificatePrivateKeyPkcs11UriPropertyInfo = IsTlsCertificate
    type AttrSetTypeConstraint TlsCertificatePrivateKeyPkcs11UriPropertyInfo = (~) T.Text
    type AttrTransferTypeConstraint TlsCertificatePrivateKeyPkcs11UriPropertyInfo = (~) T.Text
    type AttrTransferType TlsCertificatePrivateKeyPkcs11UriPropertyInfo = T.Text
    type AttrGetType TlsCertificatePrivateKeyPkcs11UriPropertyInfo = (Maybe T.Text)
    type AttrLabel TlsCertificatePrivateKeyPkcs11UriPropertyInfo = "private-key-pkcs11-uri"
    type AttrOrigin TlsCertificatePrivateKeyPkcs11UriPropertyInfo = TlsCertificate
    attrGet = getTlsCertificatePrivateKeyPkcs11Uri
    attrSet = undefined
    attrTransfer _ v = do
        return v
    attrConstruct = constructTlsCertificatePrivateKeyPkcs11Uri
    attrClear = undefined
#endif

#if defined(ENABLE_OVERLOADING)
instance O.HasAttributeList TlsCertificate
type instance O.AttributeList TlsCertificate = TlsCertificateAttributeList
type TlsCertificateAttributeList = ('[ '("certificate", TlsCertificateCertificatePropertyInfo), '("certificatePem", TlsCertificateCertificatePemPropertyInfo), '("issuer", TlsCertificateIssuerPropertyInfo), '("pkcs11Uri", TlsCertificatePkcs11UriPropertyInfo), '("privateKey", TlsCertificatePrivateKeyPropertyInfo), '("privateKeyPem", TlsCertificatePrivateKeyPemPropertyInfo), '("privateKeyPkcs11Uri", TlsCertificatePrivateKeyPkcs11UriPropertyInfo)] :: [(Symbol, *)])
#endif

#if defined(ENABLE_OVERLOADING)
tlsCertificateCertificate :: AttrLabelProxy "certificate"
tlsCertificateCertificate = AttrLabelProxy

tlsCertificateCertificatePem :: AttrLabelProxy "certificatePem"
tlsCertificateCertificatePem = AttrLabelProxy

tlsCertificateIssuer :: AttrLabelProxy "issuer"
tlsCertificateIssuer = AttrLabelProxy

tlsCertificatePkcs11Uri :: AttrLabelProxy "pkcs11Uri"
tlsCertificatePkcs11Uri = AttrLabelProxy

tlsCertificatePrivateKey :: AttrLabelProxy "privateKey"
tlsCertificatePrivateKey = AttrLabelProxy

tlsCertificatePrivateKeyPem :: AttrLabelProxy "privateKeyPem"
tlsCertificatePrivateKeyPem = AttrLabelProxy

tlsCertificatePrivateKeyPkcs11Uri :: AttrLabelProxy "privateKeyPkcs11Uri"
tlsCertificatePrivateKeyPkcs11Uri = AttrLabelProxy

#endif

#if defined(ENABLE_OVERLOADING)
type instance O.SignalList TlsCertificate = TlsCertificateSignalList
type TlsCertificateSignalList = ('[ '("notify", GObject.Object.ObjectNotifySignalInfo)] :: [(Symbol, *)])

#endif

-- method TlsCertificate::new_from_file
-- method type : Constructor
-- Args: [ Arg
--           { argCName = "file"
--           , argType = TBasicType TFileName
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText =
--                     Just "file containing a PEM-encoded certificate to import"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       ]
-- Lengths: []
-- returnType: Just
--               (TInterface Name { namespace = "Gio" , name = "TlsCertificate" })
-- throws : True
-- Skip return : False

foreign import ccall "g_tls_certificate_new_from_file" g_tls_certificate_new_from_file ::
    CString ->                              -- file : TBasicType TFileName
    Ptr (Ptr GError) ->                     -- error
    IO (Ptr TlsCertificate)

-- | Creates a t'GI.Gio.Objects.TlsCertificate.TlsCertificate' from the PEM-encoded data in /@file@/. The
-- returned certificate will be the first certificate found in /@file@/. As
-- of GLib 2.44, if /@file@/ contains more certificates it will try to load
-- a certificate chain. All certificates will be verified in the order
-- found (top-level certificate should be the last one in the file) and
-- the t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/issuer/@ property of each certificate will be set
-- accordingly if the verification succeeds. If any certificate in the
-- chain cannot be verified, the first certificate in the file will
-- still be returned.
-- 
-- If /@file@/ cannot be read or parsed, the function will return 'P.Nothing' and
-- set /@error@/. Otherwise, this behaves like
-- 'GI.Gio.Objects.TlsCertificate.tlsCertificateNewFromPem'.
-- 
-- /Since: 2.28/
tlsCertificateNewFromFile ::
    (B.CallStack.HasCallStack, MonadIO m) =>
    [Char]
    -- ^ /@file@/: file containing a PEM-encoded certificate to import
    -> m TlsCertificate
    -- ^ __Returns:__ the new certificate, or 'P.Nothing' on error /(Can throw 'Data.GI.Base.GError.GError')/
tlsCertificateNewFromFile file = liftIO $ do
    file' <- stringToCString file
    onException (do
        result <- propagateGError $ g_tls_certificate_new_from_file file'
        checkUnexpectedReturnNULL "tlsCertificateNewFromFile" result
        result' <- (wrapObject TlsCertificate) result
        freeMem file'
        return result'
     ) (do
        freeMem file'
     )

#if defined(ENABLE_OVERLOADING)
#endif

-- method TlsCertificate::new_from_files
-- method type : Constructor
-- Args: [ Arg
--           { argCName = "cert_file"
--           , argType = TBasicType TFileName
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText =
--                     Just
--                       "file containing one or more PEM-encoded\n    certificates to import"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       , Arg
--           { argCName = "key_file"
--           , argType = TBasicType TFileName
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText =
--                     Just "file containing a PEM-encoded private key\n    to import"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       ]
-- Lengths: []
-- returnType: Just
--               (TInterface Name { namespace = "Gio" , name = "TlsCertificate" })
-- throws : True
-- Skip return : False

foreign import ccall "g_tls_certificate_new_from_files" g_tls_certificate_new_from_files ::
    CString ->                              -- cert_file : TBasicType TFileName
    CString ->                              -- key_file : TBasicType TFileName
    Ptr (Ptr GError) ->                     -- error
    IO (Ptr TlsCertificate)

-- | Creates a t'GI.Gio.Objects.TlsCertificate.TlsCertificate' from the PEM-encoded data in /@certFile@/
-- and /@keyFile@/. The returned certificate will be the first certificate
-- found in /@certFile@/. As of GLib 2.44, if /@certFile@/ contains more
-- certificates it will try to load a certificate chain. All
-- certificates will be verified in the order found (top-level
-- certificate should be the last one in the file) and the
-- t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/issuer/@ property of each certificate will be set
-- accordingly if the verification succeeds. If any certificate in the
-- chain cannot be verified, the first certificate in the file will
-- still be returned.
-- 
-- If either file cannot be read or parsed, the function will return
-- 'P.Nothing' and set /@error@/. Otherwise, this behaves like
-- 'GI.Gio.Objects.TlsCertificate.tlsCertificateNewFromPem'.
-- 
-- /Since: 2.28/
tlsCertificateNewFromFiles ::
    (B.CallStack.HasCallStack, MonadIO m) =>
    [Char]
    -- ^ /@certFile@/: file containing one or more PEM-encoded
    --     certificates to import
    -> [Char]
    -- ^ /@keyFile@/: file containing a PEM-encoded private key
    --     to import
    -> m TlsCertificate
    -- ^ __Returns:__ the new certificate, or 'P.Nothing' on error /(Can throw 'Data.GI.Base.GError.GError')/
tlsCertificateNewFromFiles certFile keyFile = liftIO $ do
    certFile' <- stringToCString certFile
    keyFile' <- stringToCString keyFile
    onException (do
        result <- propagateGError $ g_tls_certificate_new_from_files certFile' keyFile'
        checkUnexpectedReturnNULL "tlsCertificateNewFromFiles" result
        result' <- (wrapObject TlsCertificate) result
        freeMem certFile'
        freeMem keyFile'
        return result'
     ) (do
        freeMem certFile'
        freeMem keyFile'
     )

#if defined(ENABLE_OVERLOADING)
#endif

-- method TlsCertificate::new_from_pem
-- method type : Constructor
-- Args: [ Arg
--           { argCName = "data"
--           , argType = TBasicType TUTF8
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "PEM-encoded certificate data"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       , Arg
--           { argCName = "length"
--           , argType = TBasicType TInt32
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText =
--                     Just "the length of @data, or -1 if it's 0-terminated."
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       ]
-- Lengths: []
-- returnType: Just
--               (TInterface Name { namespace = "Gio" , name = "TlsCertificate" })
-- throws : True
-- Skip return : False

foreign import ccall "g_tls_certificate_new_from_pem" g_tls_certificate_new_from_pem ::
    CString ->                              -- data : TBasicType TUTF8
    Int32 ->                                -- length : TBasicType TInt32
    Ptr (Ptr GError) ->                     -- error
    IO (Ptr TlsCertificate)

-- | Creates a t'GI.Gio.Objects.TlsCertificate.TlsCertificate' from the PEM-encoded data in /@data@/. If
-- /@data@/ includes both a certificate and a private key, then the
-- returned certificate will include the private key data as well. (See
-- the t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/private-key-pem/@ property for information about
-- supported formats.)
-- 
-- The returned certificate will be the first certificate found in
-- /@data@/. As of GLib 2.44, if /@data@/ contains more certificates it will
-- try to load a certificate chain. All certificates will be verified in
-- the order found (top-level certificate should be the last one in the
-- file) and the t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/issuer/@ property of each certificate
-- will be set accordingly if the verification succeeds. If any
-- certificate in the chain cannot be verified, the first certificate in
-- the file will still be returned.
-- 
-- /Since: 2.28/
tlsCertificateNewFromPem ::
    (B.CallStack.HasCallStack, MonadIO m) =>
    T.Text
    -- ^ /@data@/: PEM-encoded certificate data
    -> Int32
    -- ^ /@length@/: the length of /@data@/, or -1 if it\'s 0-terminated.
    -> m TlsCertificate
    -- ^ __Returns:__ the new certificate, or 'P.Nothing' if /@data@/ is invalid /(Can throw 'Data.GI.Base.GError.GError')/
tlsCertificateNewFromPem data_ length_ = liftIO $ do
    data_' <- textToCString data_
    onException (do
        result <- propagateGError $ g_tls_certificate_new_from_pem data_' length_
        checkUnexpectedReturnNULL "tlsCertificateNewFromPem" result
        result' <- (wrapObject TlsCertificate) result
        freeMem data_'
        return result'
     ) (do
        freeMem data_'
     )

#if defined(ENABLE_OVERLOADING)
#endif

-- method TlsCertificate::new_from_pkcs11_uris
-- method type : Constructor
-- Args: [ Arg
--           { argCName = "pkcs11_uri"
--           , argType = TBasicType TUTF8
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "A PKCS \\#11 URI" , sinceVersion = Nothing }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       , Arg
--           { argCName = "private_key_pkcs11_uri"
--           , argType = TBasicType TUTF8
--           , direction = DirectionIn
--           , mayBeNull = True
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "A PKCS \\#11 URI" , sinceVersion = Nothing }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       ]
-- Lengths: []
-- returnType: Just
--               (TInterface Name { namespace = "Gio" , name = "TlsCertificate" })
-- throws : True
-- Skip return : False

foreign import ccall "g_tls_certificate_new_from_pkcs11_uris" g_tls_certificate_new_from_pkcs11_uris ::
    CString ->                              -- pkcs11_uri : TBasicType TUTF8
    CString ->                              -- private_key_pkcs11_uri : TBasicType TUTF8
    Ptr (Ptr GError) ->                     -- error
    IO (Ptr TlsCertificate)

-- | Creates a t'GI.Gio.Objects.TlsCertificate.TlsCertificate' from a PKCS #11 URI.
-- 
-- An example /@pkcs11Uri@/ would be @pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My%20Client%20Certificate;id=%01@
-- 
-- Where the token’s layout is:
-- 
-- \`\`@
-- Object 0:
--   URL: pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My%20Client%20Certificate;id=%01;object=private%20key;type=private
--   Type: Private key (RSA-2048)
--   ID: 01
-- 
-- Object 1:
--   URL: pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My%20Client%20Certificate;id=%01;object=Certificate%20for%20Authentication;type=cert
--   Type: X.509 Certificate (RSA-2048)
--   ID: 01
-- @\`\`
-- 
-- In this case the certificate and private key would both be detected and used as expected.
-- /@pkcsUri@/ may also just reference an X.509 certificate object and then optionally
-- /@privateKeyPkcs11Uri@/ allows using a private key exposed under a different URI.
-- 
-- Note that the private key is not accessed until usage and may fail or require a PIN later.
-- 
-- /Since: 2.64/
tlsCertificateNewFromPkcs11Uris ::
    (B.CallStack.HasCallStack, MonadIO m) =>
    T.Text
    -- ^ /@pkcs11Uri@/: A PKCS #11 URI
    -> Maybe (T.Text)
    -- ^ /@privateKeyPkcs11Uri@/: A PKCS #11 URI
    -> m TlsCertificate
    -- ^ __Returns:__ the new certificate, or 'P.Nothing' on error /(Can throw 'Data.GI.Base.GError.GError')/
tlsCertificateNewFromPkcs11Uris pkcs11Uri privateKeyPkcs11Uri = liftIO $ do
    pkcs11Uri' <- textToCString pkcs11Uri
    maybePrivateKeyPkcs11Uri <- case privateKeyPkcs11Uri of
        Nothing -> return nullPtr
        Just jPrivateKeyPkcs11Uri -> do
            jPrivateKeyPkcs11Uri' <- textToCString jPrivateKeyPkcs11Uri
            return jPrivateKeyPkcs11Uri'
    onException (do
        result <- propagateGError $ g_tls_certificate_new_from_pkcs11_uris pkcs11Uri' maybePrivateKeyPkcs11Uri
        checkUnexpectedReturnNULL "tlsCertificateNewFromPkcs11Uris" result
        result' <- (wrapObject TlsCertificate) result
        freeMem pkcs11Uri'
        freeMem maybePrivateKeyPkcs11Uri
        return result'
     ) (do
        freeMem pkcs11Uri'
        freeMem maybePrivateKeyPkcs11Uri
     )

#if defined(ENABLE_OVERLOADING)
#endif

-- method TlsCertificate::get_issuer
-- method type : OrdinaryMethod
-- Args: [ Arg
--           { argCName = "cert"
--           , argType =
--               TInterface Name { namespace = "Gio" , name = "TlsCertificate" }
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "a #GTlsCertificate" , sinceVersion = Nothing }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       ]
-- Lengths: []
-- returnType: Just
--               (TInterface Name { namespace = "Gio" , name = "TlsCertificate" })
-- throws : False
-- Skip return : False

foreign import ccall "g_tls_certificate_get_issuer" g_tls_certificate_get_issuer ::
    Ptr TlsCertificate ->                   -- cert : TInterface (Name {namespace = "Gio", name = "TlsCertificate"})
    IO (Ptr TlsCertificate)

-- | Gets the t'GI.Gio.Objects.TlsCertificate.TlsCertificate' representing /@cert@/\'s issuer, if known
-- 
-- /Since: 2.28/
tlsCertificateGetIssuer ::
    (B.CallStack.HasCallStack, MonadIO m, IsTlsCertificate a) =>
    a
    -- ^ /@cert@/: a t'GI.Gio.Objects.TlsCertificate.TlsCertificate'
    -> m TlsCertificate
    -- ^ __Returns:__ The certificate of /@cert@/\'s issuer,
    -- or 'P.Nothing' if /@cert@/ is self-signed or signed with an unknown
    -- certificate.
tlsCertificateGetIssuer cert = liftIO $ do
    cert' <- unsafeManagedPtrCastPtr cert
    result <- g_tls_certificate_get_issuer cert'
    checkUnexpectedReturnNULL "tlsCertificateGetIssuer" result
    result' <- (newObject TlsCertificate) result
    touchManagedPtr cert
    return result'

#if defined(ENABLE_OVERLOADING)
data TlsCertificateGetIssuerMethodInfo
instance (signature ~ (m TlsCertificate), MonadIO m, IsTlsCertificate a) => O.MethodInfo TlsCertificateGetIssuerMethodInfo a signature where
    overloadedMethod = tlsCertificateGetIssuer

#endif

-- method TlsCertificate::is_same
-- method type : OrdinaryMethod
-- Args: [ Arg
--           { argCName = "cert_one"
--           , argType =
--               TInterface Name { namespace = "Gio" , name = "TlsCertificate" }
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "first certificate to compare"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       , Arg
--           { argCName = "cert_two"
--           , argType =
--               TInterface Name { namespace = "Gio" , name = "TlsCertificate" }
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "second certificate to compare"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       ]
-- Lengths: []
-- returnType: Just (TBasicType TBoolean)
-- throws : False
-- Skip return : False

foreign import ccall "g_tls_certificate_is_same" g_tls_certificate_is_same ::
    Ptr TlsCertificate ->                   -- cert_one : TInterface (Name {namespace = "Gio", name = "TlsCertificate"})
    Ptr TlsCertificate ->                   -- cert_two : TInterface (Name {namespace = "Gio", name = "TlsCertificate"})
    IO CInt

-- | Check if two t'GI.Gio.Objects.TlsCertificate.TlsCertificate' objects represent the same certificate.
-- The raw DER byte data of the two certificates are checked for equality.
-- This has the effect that two certificates may compare equal even if
-- their t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/issuer/@, t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/private-key/@, or
-- t'GI.Gio.Objects.TlsCertificate.TlsCertificate':@/private-key-pem/@ properties differ.
-- 
-- /Since: 2.34/
tlsCertificateIsSame ::
    (B.CallStack.HasCallStack, MonadIO m, IsTlsCertificate a, IsTlsCertificate b) =>
    a
    -- ^ /@certOne@/: first certificate to compare
    -> b
    -- ^ /@certTwo@/: second certificate to compare
    -> m Bool
    -- ^ __Returns:__ whether the same or not
tlsCertificateIsSame certOne certTwo = liftIO $ do
    certOne' <- unsafeManagedPtrCastPtr certOne
    certTwo' <- unsafeManagedPtrCastPtr certTwo
    result <- g_tls_certificate_is_same certOne' certTwo'
    let result' = (/= 0) result
    touchManagedPtr certOne
    touchManagedPtr certTwo
    return result'

#if defined(ENABLE_OVERLOADING)
data TlsCertificateIsSameMethodInfo
instance (signature ~ (b -> m Bool), MonadIO m, IsTlsCertificate a, IsTlsCertificate b) => O.MethodInfo TlsCertificateIsSameMethodInfo a signature where
    overloadedMethod = tlsCertificateIsSame

#endif

-- method TlsCertificate::verify
-- method type : OrdinaryMethod
-- Args: [ Arg
--           { argCName = "cert"
--           , argType =
--               TInterface Name { namespace = "Gio" , name = "TlsCertificate" }
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "a #GTlsCertificate" , sinceVersion = Nothing }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       , Arg
--           { argCName = "identity"
--           , argType =
--               TInterface Name { namespace = "Gio" , name = "SocketConnectable" }
--           , direction = DirectionIn
--           , mayBeNull = True
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "the expected peer identity"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       , Arg
--           { argCName = "trusted_ca"
--           , argType =
--               TInterface Name { namespace = "Gio" , name = "TlsCertificate" }
--           , direction = DirectionIn
--           , mayBeNull = True
--           , argDoc =
--               Documentation
--                 { rawDocText = Just "the certificate of a trusted authority"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       ]
-- Lengths: []
-- returnType: Just
--               (TInterface
--                  Name { namespace = "Gio" , name = "TlsCertificateFlags" })
-- throws : False
-- Skip return : False

foreign import ccall "g_tls_certificate_verify" g_tls_certificate_verify ::
    Ptr TlsCertificate ->                   -- cert : TInterface (Name {namespace = "Gio", name = "TlsCertificate"})
    Ptr Gio.SocketConnectable.SocketConnectable -> -- identity : TInterface (Name {namespace = "Gio", name = "SocketConnectable"})
    Ptr TlsCertificate ->                   -- trusted_ca : TInterface (Name {namespace = "Gio", name = "TlsCertificate"})
    IO CUInt

-- | This verifies /@cert@/ and returns a set of t'GI.Gio.Flags.TlsCertificateFlags'
-- indicating any problems found with it. This can be used to verify a
-- certificate outside the context of making a connection, or to
-- check a certificate against a CA that is not part of the system
-- CA database.
-- 
-- If /@identity@/ is not 'P.Nothing', /@cert@/\'s name(s) will be compared against
-- it, and 'GI.Gio.Flags.TlsCertificateFlagsBadIdentity' will be set in the return
-- value if it does not match. If /@identity@/ is 'P.Nothing', that bit will
-- never be set in the return value.
-- 
-- If /@trustedCa@/ is not 'P.Nothing', then /@cert@/ (or one of the certificates
-- in its chain) must be signed by it, or else
-- 'GI.Gio.Flags.TlsCertificateFlagsUnknownCa' will be set in the return value. If
-- /@trustedCa@/ is 'P.Nothing', that bit will never be set in the return
-- value.
-- 
-- (All other t'GI.Gio.Flags.TlsCertificateFlags' values will always be set or unset
-- as appropriate.)
-- 
-- /Since: 2.28/
tlsCertificateVerify ::
    (B.CallStack.HasCallStack, MonadIO m, IsTlsCertificate a, Gio.SocketConnectable.IsSocketConnectable b, IsTlsCertificate c) =>
    a
    -- ^ /@cert@/: a t'GI.Gio.Objects.TlsCertificate.TlsCertificate'
    -> Maybe (b)
    -- ^ /@identity@/: the expected peer identity
    -> Maybe (c)
    -- ^ /@trustedCa@/: the certificate of a trusted authority
    -> m [Gio.Flags.TlsCertificateFlags]
    -- ^ __Returns:__ the appropriate t'GI.Gio.Flags.TlsCertificateFlags'
tlsCertificateVerify cert identity trustedCa = liftIO $ do
    cert' <- unsafeManagedPtrCastPtr cert
    maybeIdentity <- case identity of
        Nothing -> return nullPtr
        Just jIdentity -> do
            jIdentity' <- unsafeManagedPtrCastPtr jIdentity
            return jIdentity'
    maybeTrustedCa <- case trustedCa of
        Nothing -> return nullPtr
        Just jTrustedCa -> do
            jTrustedCa' <- unsafeManagedPtrCastPtr jTrustedCa
            return jTrustedCa'
    result <- g_tls_certificate_verify cert' maybeIdentity maybeTrustedCa
    let result' = wordToGFlags result
    touchManagedPtr cert
    whenJust identity touchManagedPtr
    whenJust trustedCa touchManagedPtr
    return result'

#if defined(ENABLE_OVERLOADING)
data TlsCertificateVerifyMethodInfo
instance (signature ~ (Maybe (b) -> Maybe (c) -> m [Gio.Flags.TlsCertificateFlags]), MonadIO m, IsTlsCertificate a, Gio.SocketConnectable.IsSocketConnectable b, IsTlsCertificate c) => O.MethodInfo TlsCertificateVerifyMethodInfo a signature where
    overloadedMethod = tlsCertificateVerify

#endif

-- method TlsCertificate::list_new_from_file
-- method type : MemberFunction
-- Args: [ Arg
--           { argCName = "file"
--           , argType = TBasicType TFileName
--           , direction = DirectionIn
--           , mayBeNull = False
--           , argDoc =
--               Documentation
--                 { rawDocText =
--                     Just "file containing PEM-encoded certificates to import"
--                 , sinceVersion = Nothing
--                 }
--           , argScope = ScopeTypeInvalid
--           , argClosure = -1
--           , argDestroy = -1
--           , argCallerAllocates = False
--           , transfer = TransferNothing
--           }
--       ]
-- Lengths: []
-- returnType: Just
--               (TGList
--                  (TInterface Name { namespace = "Gio" , name = "TlsCertificate" }))
-- throws : True
-- Skip return : False

foreign import ccall "g_tls_certificate_list_new_from_file" g_tls_certificate_list_new_from_file ::
    CString ->                              -- file : TBasicType TFileName
    Ptr (Ptr GError) ->                     -- error
    IO (Ptr (GList (Ptr TlsCertificate)))

-- | Creates one or more @/GTlsCertificates/@ from the PEM-encoded
-- data in /@file@/. If /@file@/ cannot be read or parsed, the function will
-- return 'P.Nothing' and set /@error@/. If /@file@/ does not contain any
-- PEM-encoded certificates, this will return an empty list and not
-- set /@error@/.
-- 
-- /Since: 2.28/
tlsCertificateListNewFromFile ::
    (B.CallStack.HasCallStack, MonadIO m) =>
    [Char]
    -- ^ /@file@/: file containing PEM-encoded certificates to import
    -> m [TlsCertificate]
    -- ^ __Returns:__ a
    -- t'GI.GLib.Structs.List.List' containing t'GI.Gio.Objects.TlsCertificate.TlsCertificate' objects. You must free the list
    -- and its contents when you are done with it. /(Can throw 'Data.GI.Base.GError.GError')/
tlsCertificateListNewFromFile file = liftIO $ do
    file' <- stringToCString file
    onException (do
        result <- propagateGError $ g_tls_certificate_list_new_from_file file'
        result' <- unpackGList result
        result'' <- mapM (wrapObject TlsCertificate) result'
        g_list_free result
        freeMem file'
        return result''
     ) (do
        freeMem file'
     )

#if defined(ENABLE_OVERLOADING)
#endif