

Lockbox: secure secrets for your rails model using public key crypto. - jamesotron
http://www.mashd.cc/tag/lockbox

======
sweis
What padding mode is this using? Looking at the code, I think it's using raw
RSA to encrypt the data directly. That may be vulnerable to several attacks.

I may not understand your application correctly, but it's unclear why you're
even using public key crypto. It appears that you must type a passphrase to
access both a public and private key that live on the same server. Why not
just use a symmetric key?

Cautionary advice about rolling your own crypto:
<http://www.youtube.com/watch?v=ySQl0NhW1J0>

