微信小程序獲取用戶解密的Session_key 然后對(duì) encryptedData進(jìn)行解密 偶爾報(bào)錯(cuò) 時(shí)間長(zhǎng)了之后會(huì)報(bào)內(nèi)存溢出:
-
java.lang.OutOfMemoryError: GC overhead limit exceeded
-
-
at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:426)
-
at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322)
-
at javax.crypto.JarVerifier.verify(JarVerifier.java:250)
-
at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:160)
-
at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:186)
-
at javax.crypto.Cipher.getInstance(Cipher.java:653)
看代碼是java解密的時(shí)候報(bào)錯(cuò)了,
然后將老代碼
-
-
public byte[] aesCbcDecrypt(byte[] content, byte[] keyBytes, byte[] iv) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
-
//密鑰
-
SecretKey k = new SecretKeySpec(keyBytes, "AES");
-
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-
-
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding",
-
new BouncyCastleProvider()
-
);
-
-
cipher.init(Cipher.DECRYPT_MODE, k, new IvParameterSpec(iv));
-
//執(zhí)行操作
-
return cipher.doFinal(content);
-
}
改成如下方式
-
private static Provider provider = new BouncyCastleProvider();
-
-
public byte[] aesCbcDecrypt(byte[] content, byte[] keyBytes, byte[] iv) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
-
//密鑰
-
SecretKey k = new SecretKeySpec(keyBytes, "AES");
-
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-
-
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", provider);
-
-
cipher.init(Cipher.DECRYPT_MODE, k, new IvParameterSpec(iv));
-
//執(zhí)行操作
-
return cipher.doFinal(content);
-
}
用Jmeter 100并發(fā)壓測(cè) 可以檢測(cè)到老代碼內(nèi)存在上升然后短時(shí)間不會(huì)釋放,新代碼上升然后穩(wěn)定(和知乎文章鏈接中的結(jié)果一致),而且新代碼運(yùn)行速度也更快(不用每次都new了)。
老代碼cpu:
新代碼cpu:
微信服務(wù)器返回的數(shù)據(jù)為什么解密失敗,這個(gè)原因還是待查。同一個(gè)用戶,前兩次解密失敗,Session_key不變,然后第三次可以成功。
實(shí)時(shí)分析java占用cpu的進(jìn)程及線程,找到線程對(duì)應(yīng)的java代碼。
top -Hp pid
jstack pid下的線程pid
參考了微信中的文章
但是貌似并不是所有的問題代碼都能在里面定位到。