实际业务场景发送端发送参数,接收端接收参数.两台不同的服务器.
发送端通过一些参数加密,其中包括了取本地时间.接收端也是通过本地时间前后5分钟做参数校验.
发送端
接收端
解密的方法
本来程序是正常的跑的,一次压测刚好在整点附近,就出现了一直参数校验失败
然后才发现是整点的时候服务器可能会去同步时间,导致发送端和接收端取得时间不一样,因为是取前后五分钟就导致接收端得整点前五分钟得时间对不上
,换了解密得方式就好了
大家也可以看看
有bug得
public static boolean verifySign(String p1, String p2, String date, String key, String signin) {
String result = null;
boolean ismatch = false;
SimpleDateFormat simpleDateFormat = new SimpleDateFormat("MMddHHmm");
Calendar calendar = Calendar.getInstance();
int nowminute = calendar.get(Calendar.MINUTE);
for (int m = nowminute - 5; m <= nowminute + 5; m++) {
calendar.set(Calendar.MINUTE, m);
String dt = simpleDateFormat.format(calendar.getTime());
//System.err.println(dt);
result = MD5.getMD5(p1 + p2 + dt + key);
//System.out.println(result);
ismatch = signin.equalsIgnoreCase(result);
if (ismatch) return ismatch;
}
return ismatch;
}
没有bug得
public static boolean verifySign(String p1, String p2, String date, String key, String signin) {
String result = null;
boolean ismatch = false;
SimpleDateFormat simpleDateFormat = new SimpleDateFormat("MMddHHmm");
Calendar calendar = Calendar.getInstance();
int nowminute = calendar.get(Calendar.MINUTE);
System.err.println("current minute="+nowminute);
for (int m = -5; m <= 5; m++) {
Calendar calendar2 = Calendar.getInstance();
calendar2.add(Calendar.MINUTE,m);
// calendar.set(Calendar.MINUTE, m);
String dt = simpleDateFormat.format(calendar2.getTime());
// System.err.println("dt="+dt);
result = MD5.getMD5(p1 + p2 + dt + key);
// System.out.println("verifySign="+result);
ismatch = signin.equalsIgnoreCase(result);
if (ismatch) {
System.out.println(signin+" VS "+result);
return ismatch;
}
}
return ismatch;
}