PHP实现OID(Object identifier)的编码和解码

转载于：https://bkssl.com/document/php_oid_encode_decode.html

<?phpclass ASN1ObjectIdentifier
{/*** OID字符串编码为二进制数据* @param string $oid 字符串形式的OID* @return string*/public static function encode($oid){$parts = explode('.', $oid);$parts = array_map(fn($t) => intval($t), $parts);$result = chr($parts[0] * 40 + $parts[1]);for ($i = 2; $i < count($parts); $i++) {$value = $parts[$i];if ($value <= 127) {$result .= chr($value);continue;}$substr = '';$flag = false;while ($value > 0) {$num7 = ($value & 0x7f);if ($flag) {$num7 = 0x80 | $num7;}$substr = chr($num7) . $substr;$value >>= 7;if (!$flag) $flag = true;}$result .= $substr;}return $result;}/*** 二进制数据解码为OID字符串* @param string $data 二进制数据* @param int $position 数据偏移位置* @param int $count OID所占字节大小* @return string*/public static function decode($data, $position, $count){$builder = '';$num2 = ord($data[$position]);$num3 = floor($num2 / 40);$num4 = $num2 % 40;$builder .= $num3;$builder .= '.';$builder .= $num4;$flag = true;$integer = 0;for ($i = 1; $i < $count; $i++) {$num6 = ord($data[$position + $i]);$num7 = $num6 & 0x7f;if ($flag) {$builder .= '.';$flag = false;}$integer = $integer << 7;$integer += $num7;if ($num6 == $num7) {$builder .= $integer;$integer = 0;$flag = true;}}return $builder;}
}

测试代码

$oid = '1.2.840.113549.1.1.1';
$bin = ASN1ObjectIdentifier::encode($oid);
echo bin2hex($bin) . "\r\n";
echo ASN1ObjectIdentifier::decode($bin, 0, strlen($bin)). "\r\n";//输出
//2a864886f70d010101
//1.2.840.113549.1.1.1

常见OID

'2.5.4.3': 'CN',
'2.5.4.4': 'Surname',
'2.5.4.5': 'SerialNumber',
'2.5.4.6': 'C',
'2.5.4.7': 'L',
'2.5.4.8': 'ST',
'2.5.4.9': 'Street',
'2.5.4.10': 'O',
'2.5.4.11': 'OU',
'2.5.4.12': 'T',
'2.5.4.13': 'Description',
'2.5.4.15': 'BusinessCategory',
'2.5.4.16': 'PostalAddress',
'2.5.4.17': 'PostalCode',
'2.5.4.20': 'TelephoneNumber',
'2.5.4.41': 'Name',
'2.5.4.42': 'GivenName',
'2.5.4.43': 'Initials',
'2.5.4.44': 'Generation',
'2.5.4.45': 'UniqueIdentifier',
'2.5.4.46': 'DnQualifier',
'2.5.4.54': 'DmdName',
'2.5.4.65': 'Pseudonym',
'2.5.4.97': 'OrganizationIdentifier',
'1.3.6.1.5.5.7.9.1': 'DateOfBirth',
'1.3.6.1.5.5.7.9.2': 'PlaceOfBirth',
'1.3.6.1.5.5.7.9.3': 'Gender',
'1.3.6.1.5.5.7.9.4': 'CountryOfCitizenship',
'1.3.6.1.5.5.7.9.5': 'CountryOfResidence',
'1.3.36.8.3.14': 'NameAtBirth',
'1.2.840.113549.1.9.1': 'E',
'1.2.840.113549.1.9.2': 'UnstructuredName',
'1.2.840.113549.1.9.8': 'UnstructuredAddress',
'0.9.2342.19200300.100.1.25': 'DC',
'0.9.2342.19200300.100.1.1': 'UID',
'2.5.29.9': 'SubjectDirectoryAttributes',
'2.5.29.14': 'SubjectKeyIdentifier',
'2.5.29.15': 'KeyUsage',
'2.5.29.16': 'PrivateKeyUsagePeriod',
'2.5.29.17': 'SubjectAlternativeName',
'2.5.29.18': 'IssuerAlternativeName',
'2.5.29.19': 'BasicConstraints',
'2.5.29.20': 'CrlNumber',
'2.5.29.21': 'ReasonCode',
'2.5.29.23': 'InstructionCode',
'2.5.29.24': 'InvalidityDate',
'2.5.29.27': 'DeltaCrlIndicator',
'2.5.29.28': 'IssuingDistributionPoint',
'2.5.29.29': 'CertificateIssuer',
'2.5.29.30': 'NameConstraints',
'2.5.29.31': 'CrlDistributionPoints',
'2.5.29.32': 'CertificatePolicies',
'2.5.29.33': 'PolicyMappings',
'2.5.29.35': 'AuthorityKeyIdentifier',
'2.5.29.36': 'PolicyConstraints',
'2.5.29.37': 'ExtendedKeyUsage',
'2.5.29.46': 'FreshestCrl',
'2.5.29.54': 'InhibitAnyPolicy',
'2.5.29.55': 'TargetInformation',
'2.5.29.56': 'NoRevAvail',
'2.5.29.60': 'ExpiredCertsOnCrl',
'1.3.6.1.5.5.7.1.1': 'AuthorityInfoAccess',
'1.3.6.1.5.5.7.1.2': 'BiometricInfo',
'1.3.6.1.5.5.7.1.3': 'QCStatements',
'1.3.6.1.5.5.7.1.4': 'AuditIdentity',
'1.3.6.1.5.5.7.1.11': 'SubjectInfoAccess',
'1.3.6.1.5.5.7.1.12': 'LogoType',
'1.3.6.1.4.1.11129.2.4.2': 'SCTList',
'1.2.840.113533.7.65.0': 'EntrustVersionInfo',
'1.3.6.1.4.1.311.20.1': 'AutoEnrollCtlUsage',
'1.3.6.1.4.1.311.20.2': 'CertificateType',
'1.3.6.1.4.1.311.20.2.1': 'EnrollmentAgent',
'1.3.6.1.4.1.311.20.2.2': 'KPSmartCardLogin',
'1.3.6.1.4.1.311.20.2.3': 'NTPrincipalName',
'1.3.6.1.4.1.311.20.3': 'CertManifold',
'1.3.6.1.4.1.311.21.1': 'CaKeyCertIndexPair',
'2.16.840.1.113730.1.1': 'NetscapeCertType',
'2.23.42.7.0': 'HashedRootKey',
'1.2.840.113549.1.9.15': 'SMIMECapabilities',
'2.16.840.1.113730.1.13': 'NetscapeComment',
'1.3.6.1.5.5.7.1.24': 'TLSFeatures',
'1.2.840.113549.2.2': 'MD2',
'1.2.840.113549.2.3': 'MD4',
'1.2.840.113549.2.5': 'MD5',
'1.3.14.3.2.26': 'SHA1','1.2.840.113549.1.1.11': 'sha256WithRSAEncryption',
'1.2.840.113549.1.1.5': 'sha1WithRSAEncryption',
'1.2.840.113549.1.1.4': 'md5WithRSAEncryption',
'1.2.840.113549.1.1.2': 'md2WithRSAEncryption',
'1.2.840.113549.1.1.1': 'RsaEncryption','2.16.840.1.101.3.4.2.4': 'SHA224',
'2.16.840.1.101.3.4.2.3': 'SHA512',
'2.16.840.1.101.3.4.2.2': 'SHA384',
'2.16.840.1.101.3.4.2.1': 'SHA256',
'1.3.36.3.2.1': 'RIPEMD160',
'1.3.36.3.2.2': 'RIPEMD128',
'1.3.36.3.2.3': 'RIPEMD256',
'1.2.643.2.2.9': 'GOST3411',
'1.2.840.10045.4.1': 'Sha1WithECDsa',
'1.2.840.10045.4.3.1': 'Sha224WithECDsa',
'1.2.840.10045.4.3.2': 'Sha256WithECDsa',
'1.2.840.10045.4.3.3': 'Sha384WithECDsa',
'1.2.840.10045.4.3.4': 'Sha512WithECDsa',
'1.2.840.10040.4.3': 'id-dsa-with-sha1',
'1.2.840.10045.2.1': 'ECPublicKey',
'1.2.840.10045.3.1.7': 'Prime256v1',
'1.3.6.1.5.5.7.3.1': 'ServerAuth',
'1.3.6.1.5.5.7.3.2': 'ClientAuth',
'1.3.6.1.5.5.7.3.3': 'CodeSigning',
'1.3.6.1.5.5.7.3.4': 'EmailProtection',
'1.3.6.1.5.5.7.3.5': 'IpsecEndSystem',
'1.3.6.1.5.5.7.3.6': 'IpsecTunnel',
'1.3.6.1.5.5.7.3.7': 'IpsecUser',
'1.3.6.1.5.5.7.3.8': 'TimeStamping',
'1.3.6.1.5.5.7.3.9': 'OCSPSigning',
'1.3.6.1.5.5.7.3.19': 'Wireless',
'1.3.6.1.5.5.7.48.1': 'OCSP',
'1.3.6.1.5.5.7.48.2': 'caIssuers',
'2.23.140.1.2.1': 'DomainValidated',
'1.3.6.1.4.1.44947.1.1.1': '',
'1.3.6.1.5.5.7.2.1': 'Cps',
'1.3.6.1.5.5.7.2.2': 'Unotice',