fixed requested issue

Author: nuwangeek

README.md

@@ -12,7 +12,7 @@ The **BYK-RAG Module** is part of the Burokratt ecosystem, designed to provide *
   - Models searchable via dropdown with cache-enabled indicators.
 
 - **Enhanced Security with RSA Encryption**  
-  - LLM credentials encrypted with RSA-4096 asymmetric encryption before storage.  
+  - LLM credentials encrypted with RSA-2048 asymmetric encryption before storage.  
   - GUI encrypts using public key; CronManager decrypts with private key.  
   - Additional security layer beyond HashiCorp Vault's encryption.  
 

src/utils/decrypt_vault_secrets.py

@@ -67,11 +67,11 @@ def decrypt_rsa_oaep(encrypted_base64url: str, private_key_pem: str) -> str:
         loaded_key = serialization.load_pem_private_key(
             private_key_pem.encode("utf-8"), password=None, backend=default_backend()
         )
-        
+
         # Type check and cast to RSA private key
         if not isinstance(loaded_key, rsa.RSAPrivateKey):
             raise TypeError("Private key must be an RSA key")
-        
+
         private_key: rsa.RSAPrivateKey = loaded_key
 
         # Decode Base64URL to bytes (in memory)