class Token extends ByteArray
Tokens are used in the BitTorrent DHT protocol to prevent certain types of attacks. When a peer announces itself to a DHT node, it receives a token that must be included in subsequent get_peer requests. This verifies that the requesting peer has previously communicated with the DHT node from the same IP address.
This class handles both outgoing tokens (generated locally for sending to peers) and incoming tokens (received from remote DHT nodes). Tokens have limited lifetimes and are automatically expired to prevent replay attacks.
Security considerations:
- Outgoing tokens are 8 bytes of cryptographically secure random data
- Incoming tokens may be up to 64 bytes (to accommodate various implementations)
- Tokens are timestamped for automatic expiration
- Lookup-only tokens don't store timestamps to save memory
| Constructor and Description |
|---|
Token(byte[] data)
Creates a lookup-only token without timestamp.
|
Token(I2PAppContext ctx)
Creates a new outgoing token for sending to remote peers.
|
Token(I2PAppContext ctx,
byte[] data)
Creates an incoming token received from a remote DHT node.
|
| Modifier and Type | Method and Description |
|---|---|
long |
lastSeen()
Returns the timestamp when this token was created or last seen.
|
String |
toString()
Returns a string representation of the token for debugging and logging.
|
public Token(byte[] data)
Creates a token instance for comparison purposes only, without storing a timestamp. This is useful when checking if a received token matches an expected value without needing to track its age for expiration.
data - the token data to use for lookup comparisonpublic Token(I2PAppContext ctx)
Generates 8 bytes of cryptographically secure random data that will be used as a token. The token is timestamped for expiration tracking. This constructor is used when we are the DHT node responding to a get_peer request.
ctx - the I2P application context for random number generation and clock accesspublic Token(I2PAppContext ctx, byte[] data)
Stores a token received from a remote DHT node for later use in announce_peer requests. The token is timestamped for expiration tracking. Tokens longer than 64 bytes are rejected to prevent memory exhaustion attacks.
ctx - the I2P application context for clock accessdata - the token data received from the remote DHT nodeIllegalArgumentException - if the token data exceeds 64 bytespublic long lastSeen()
public String toString()
Formats the token data as hexadecimal and includes the creation timestamp if available. The format is consistent with other DHT debugging output.