ComparePublicKeys compares two public keys and returns true if they match.

GeneratePrivateKey generates a private key with the specified type and key bits.

GenerateSerialNumber generates a serial number suitable for a certificate.

GetOctalFormatted returns the byte buffer formatted in octal with the specified separator between bytes.

GetSubjKeyID returns the subject key ID, e.g.

ParsePEMBundle takes a string of concatenated PEM-format certificate and private key values and decodes/parses them, checking validity along the way.

ParsePKIJSON takes a JSON-encoded string and returns a ParsedCertBundle.

ParsePKIMap takes a map (for instance, the Secret.Data returned from the PKI backend) and returns a ParsedCertBundle.

CertBundle contains a key type, a PEM-encoded private key, a PEM-encoded certificate, and a string-encoded serial number, returned from a successful Issue request.

CSRBundle contains a key type, a PEM-encoded private key, and a PEM-encoded CSR.

InternalError represents an error generated internally, presumably not due to invalid user input.

IssueData is a structure that is suitable for marshaling into a request; either via JSON, or into a map[string]interface{} via the structs package.

ParsedCertBundle contains a key type, a DER-encoded private key, and a DER-encoded certificate.

ParsedCSRBundle contains a key type, a DER-encoded private key, and a DER-encoded certificate request.

Secret is used to attempt to unmarshal a Vault secret JSON response, as a convenience.

UserError represents an error generated due to invalid user input.

Used to allow common key setting for certs and CSRs.

The type of of the Private Key referenced in CertBundle and ParsedCertBundle.

TLSUsage controls whether the intended usage of a *tls.Config returned from ParsedCertBundle.GetTLSConfig is for server use, client use, or both, which affects which values are set.