Add WriteRaw to client api and new PKI test helper (#24818)

- This is to support the EST test cases within Vault Enterprise

api/logical.go

@@ -212,6 +212,17 @@ func (c *Logical) WriteWithContext(ctx context.Context, path string, data map[st
 	return c.write(ctx, path, r)
 }
 
+func (c *Logical) WriteRaw(path string, data []byte) (*Response, error) {
+	return c.WriteRawWithContext(context.Background(), path, data)
+}
+
+func (c *Logical) WriteRawWithContext(ctx context.Context, path string, data []byte) (*Response, error) {
+	r := c.c.NewRequest(http.MethodPut, "/v1/"+path)
+	r.BodyBytes = data
+
+	return c.writeRaw(ctx, r)
+}
+
 func (c *Logical) JSONMergePatch(ctx context.Context, path string, data map[string]interface{}) (*Secret, error) {
 	r := c.c.NewRequest(http.MethodPatch, "/v1/"+path)
 	r.Headers.Set("Content-Type", "application/merge-patch+json")
@@ -261,6 +272,14 @@ func (c *Logical) write(ctx context.Context, path string, request *Request) (*Se
 	return ParseSecret(resp.Body)
 }
 
+func (c *Logical) writeRaw(ctx context.Context, request *Request) (*Response, error) {
+	ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
+	defer cancelFunc()
+
+	resp, err := c.c.rawRequestWithContext(ctx, request)
+	return resp, err
+}
+
 func (c *Logical) Delete(path string) (*Secret, error) {
 	return c.DeleteWithContext(context.Background(), path)
 }

builtin/logical/pki/test_helpers.go

@@ -59,6 +59,19 @@ func mountPKIEndpoint(t testing.TB, client *api.Client, path string) {
 	require.NoError(t, err, "failed mounting pki endpoint")
 }
 
+func mountCertEndpoint(t testing.TB, client *api.Client, path string) {
+	t.Helper()
+
+	err := client.Sys().EnableAuthWithOptions(path, &api.MountInput{
+		Type: "cert",
+		Config: api.MountConfigInput{
+			DefaultLeaseTTL: "16h",
+			MaxLeaseTTL:     "32h",
+		},
+	})
+	require.NoError(t, err, "failed mounting cert endpoint")
+}
+
 // Signing helpers
 func requireSignedBy(t *testing.T, cert *x509.Certificate, signingCert *x509.Certificate) {
 	t.Helper()