Python Cryptography

Zato has APIs for safe, sound and strong operations related to cryptography, including encryption, decryption, hashing and generation of passwords or other secrets.

The functionality offers a productive approach, suitable for direct use in one's applications, without a need for choosing low-level crypto primitives. Everything has sound defaults and is ready for immediate employment.

Note that in addition to crypto functions below, Zato also comes with a dedicated Single Sign-On and user management API, documented in its own chapter.

Topics and use case notes:

  • Encryption and decryption
    • Storing sensitive information in databases (PII, PCI, HIPAA, EU GDPR)
    • Sharing of sensitive information with untrusted parties
    • If used for storing user passwords, admins will be able to reveal them - use hashing instead
  • Generation of passwords and secrets
    • Generation of strong random values, safe for use in URLs
    • API tokens
    • Data to be used once only (e.g. account creation confirmation)
    • Auto-generation of strong passwords for users
  • Hashing
    • Safe storage and verification of one's knowledge of previously stored secrets, typically passwords or other access tokens