Cryptography

Zato provides APIs for safe, sound and strong cryptographic operations, including encryption, decryption, hashing, and the generation of passwords and other secrets.

The API is designed for direct use in one's applications, without having to choose low-level crypto primitives. Everything has sound defaults and is ready for immediate use.

Note that in addition to the crypto functions below, Zato also comes with a dedicated Single Sign-On and user management API, documented in its own chapter.

Topics and use case notes:

  • Encryption and decryption
    • Storing sensitive information in databases (PII, PCI, HIPAA, EU GDPR)
    • Sharing of sensitive information with untrusted parties
    • Encryption is reversible, so if it were used for storing user passwords, admins would be able to reveal them; use hashing instead
  • Generation of passwords and secrets
    • Generation of strong random values, safe for use in URLs
    • API tokens
    • Data to be used once only (e.g. account creation confirmation)
    • Auto-generation of strong passwords for users
  • Hashing
    • Safe storage and later verification of a previously stored secret, typically a password or other access token, without being able to recover the secret itself
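
The following is an added example, not Zato's own API (this page does not give Zato's method names or defaults), written against the Python standard library to illustrate the last two topics above: a salted, one-way password hash with constant-time verification, plus URL-safe secret and password generation. The function names, the PBKDF2 parameters and the `algorithm$iterations$salt$digest` storage format are assumptions chosen for illustration.

```python
"""Added example: hash-and-verify versus encrypt, and URL-safe secret generation.

This is not Zato's API. Function names and parameters below are assumptions
made for illustration, using only the Python standard library.
"""
import hashlib
import hmac
import os
import secrets
import string

# Assumed parameters for the example; a real deployment picks its own defaults.
HASH_NAME = "sha256"
PBKDF2_ITERATIONS = 600_000
SALT_BYTES = 16


def hash_secret(secret: str, salt: bytes = b"", iterations: int = PBKDF2_ITERATIONS) -> str:
    """Return a self-describing one-way hash: pbkdf2_<alg>$<iterations>$<salt hex>$<digest hex>.

    A fresh random salt is drawn when none is given, so hashing the same
    password twice yields two different stored values. There is deliberately
    no inverse function: the stored value cannot be turned back into the
    password, which is the property that encryption lacks.
    """
    salt = salt or os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(HASH_NAME, secret.encode("utf-8"), salt, iterations)
    return f"pbkdf2_{HASH_NAME}${iterations}${salt.hex()}${digest.hex()}"


def verify_hash(secret: str, stored: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time.

    Malformed or foreign stored values are rejected rather than raising, so
    a corrupted database row fails closed.
    """
    try:
        algo, iterations, salt_hex, digest_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
        iterations = int(iterations)
    except ValueError:
        return False
    if algo != f"pbkdf2_{HASH_NAME}" or iterations <= 0:
        return False
    candidate = hashlib.pbkdf2_hmac(HASH_NAME, secret.encode("utf-8"), salt, iterations)
    # hmac.compare_digest avoids leaking the position of the first differing byte.
    return hmac.compare_digest(candidate, expected)


def generate_secret(nbytes: int = 32) -> str:
    """URL-safe random token, suitable for API tokens or one-time confirmation links.

    token_urlsafe uses only [A-Za-z0-9_-], so the value needs no escaping in URLs.
    """
    return secrets.token_urlsafe(nbytes)


def generate_password(length: int = 24) -> str:
    """Auto-generate a strong password from a fixed alphabet using the CSPRNG."""
    alphabet = string.ascii_letters + string.digits + "!@#$%^&*-_+="
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    # Constructed sample password; nothing here is a real credential.
    stored = hash_secret("correct horse battery staple")
    print("stored:", stored)
    print("verify correct:", verify_hash("correct horse battery staple", stored))
    print("verify wrong:  ", verify_hash("Tr0ub4dor&3", stored))
    print("api token:     ", generate_secret())
    print("password:      ", generate_password())
```

The stored string carries its own algorithm, iteration count and salt, so a later change of parameters can be rolled out by re-hashing on the next successful login while old rows remain verifiable.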