6.27 - Oid


An OID stands for Object IDentifier. It's a part of the ASN/1 standard. Basically, it's a hierarchy, named a 'registration tree'. It's a list of 'arcs', which values start at '0', and each arc is separated with a dot ( '.' ).

There are three defined root arcs :

* itu-t (0)
* iso (1)
* joint-iso-itu-t (2)

There is some places on the internet where one can have a look at the existing OIDs. Here is one : OID repository.


The OID syntax is pretty simple : some numbers with dots between them, like 0.1.245

There are a few extra rules :

* The first number must be 0, 1 or 2
* If it's 0 or 1, then the second number must be between 0 and 39
* A dot must be preceded and followed by a number
* A 0 at first position is never followed by any other digit
* There is no limit for the number of digits otherwise : 2.25.81407072025111374527560065493494091452 is legit


The Apache LDAP API offers a few functions which can be used to manipulate an OID. In any case, we don't have a constructor for an OID.

The class to use is org.apache.directory.api.asn1.util.Oid. It creates immutable instances.

static Oid fromBytes( byte[] )

Returns an Oid instance constructed using a byte[] representing an encoded OID.

static Oid fromString( String )

Returns an Oid instance constructed from a String representing an OID.

static boolean isOid( String )

Tells if a String is a valid OID.

String toString()

Return the String representation of an Oid instance.

byte[] toBytes()

Return the byte[] representation of an Oid instance.

OID parsing

We use a FSA (Finite State Automaton) to parse a String to get an internal representation of an OID. Here is a picture showing the FSA we are using :