. NET add timestamp to prevent replay attacks _ practical Tips

If a client makes a request to a server-side interface, and if the request information is encrypted and intercepted by a third party to the request package, the third party cannot decrypt the data obtained, but the request package can be used for repeated request operations. If the server does not perform replay attacks, it will be the result of increased pressure on the servers and data disruption. The time stamp is used to resolve this problem.

Private readonly String TimeStamp = configurationmanager.appsettings["TimeStamp"];//configuration timestamp
    [HttpPost] public
    ActionResult Testapi ()
    {
        string requesttime = request["Rtime"];//Request time after RSA signature
        try
        {
          // Request time RSA decrypted with timestamp time that the valid time of the request
          DateTime Requestdt = DateTime.Parse (Rsacryptoprovider.decrypt (RequestTime, Rsa_ keys.private)). AddMinutes (int. Parse (TimeStamp)); 
          DateTime NEWDT = DateTime.Now; The server receives the requested current time
          //if the request's valid time < Now the time the server accepts the request is that the request fails
          if (Requestdt < NEWDT)
          {return
            Json (new { Success = FALSE, message = "The request has expired"});
          else
          {
      //other operations
      }
        catch (Exception ex) {return
          Json (New {success = false) message = "Request parameter not and requirement"});
        }
    

The above is the entire content of this article, I hope to help you learn, but also hope that we support the cloud habitat community.