In NewSignerPrivateKey, the type-switch contains a rsa.PublicKey. Which is unfortunate, because it means you can't pass e.g. an *rsa.PublicKey as signer, as that returns a pointer. It's also inconsistent with other parts of the package - for example, the PrivateKey struct itself documents it as being a pointer. This probably slipped through review, because ecdsa.PublicKey is used as a value (it's a slice).

It would probably be better to use a pointer in the type-switch to stay consistent. Unfortunately, that would be a breaking change. I found at least one client depending on the current behavior, though they're quite new and might be willing to switch.

A backwards-compatible way to deal with it would be to add a case for a pointer to the type-switch. Personally, I find that ugly, but it's not hard, stays compatible and apart from the ugliness, I don't think there's any downside to it. I have a CL for this, but wanted to create an issue too, to link to.