Encode asn1 with der

Cargo.toml

@@ -18,6 +18,8 @@ indoc = "*"
 tracing = { version = "*" }
 tracing-subscriber = { version = "*", features = [ "env-filter" ] }
 futures = "*"
+const-oid = { version = "0.9.6", features = ["db"] }
+x509-cert = "0.2.5"
 
 [features]
 vendored = ["openssl/vendored"]

src/asn.rs

@@ -1,15 +1,31 @@
-use openssl::error::ErrorStack;
+use const_oid::db::rfc4519::{CN, ORGANIZATION_NAME, SERIAL_NUMBER};
+use x509_cert::{
+    attr::AttributeTypeAndValue,
+    der::asn1::{PrintableString, SetOfVec, Utf8StringRef},
+    der::{Encode, Result},
+    name::{RdnSequence, RelativeDistinguishedName},
+};
 
 pub fn encode_identity(
     organization: &str,
     common_name: &str,
     serial_number: &str,
-) -> Result<String, ErrorStack> {
-    let mut b = openssl::x509::X509NameBuilder::new()?;
-    b.append_entry_by_text("O", organization)?;
-    b.append_entry_by_text("CN", common_name)?;
-    b.append_entry_by_text("serialNumber", serial_number)?;
-    let name = b.build().to_der()?;
+) -> Result<String> {
+    let name = RdnSequence(vec![
+        RelativeDistinguishedName(SetOfVec::from_iter([AttributeTypeAndValue {
+            oid: ORGANIZATION_NAME,
+            value: Utf8StringRef::new(organization)?.into(),
+        }])?),
+        RelativeDistinguishedName(SetOfVec::from_iter([AttributeTypeAndValue {
+            oid: CN,
+            value: Utf8StringRef::new(common_name)?.into(),
+        }])?),
+        RelativeDistinguishedName(SetOfVec::from_iter([AttributeTypeAndValue {
+            oid: SERIAL_NUMBER,
+            value: (&PrintableString::new(serial_number)?).into(),
+        }])?),
+    ])
+    .to_der()?;
     Ok(format!("asn1dn:#{}", hex::encode(name)))
 }