I am trying to use the Lockbox gem to encrypt Devise User emails as per: https://ankane.org/securing-user-emails-lockbox. I've added the lockbox and blind_index gem, run the migrations (with a text field for :email_ciphertext as per https://github.com/ankane/lockbox, e.g.:
def change
# encrypted data
add_column :users, :email_ciphertext, :text
#blind index
add_column :users, :email_bidx, :string
add_index :users, :email_bidx, unique: true
#drop the original user email column
remove_column :users, :email
end
And updated my User model with:
encrypts :email, key: "0000000000000000000000000000000000000000000000000000000000000000"
blind_index :email, key: "0000000000000000000000000000000000000000000000000000000000000000"
However when I try to create a new User I get the error: LoadError in Users::RegistrationsController#create Could not find Argon2.
I've tried to adding the gem Argon2 but it does not fix the error. My gem file includes:
gem 'lockbox'
gem 'blind_index'
gem 'argon2' , '>= 2'
I am using
ruby --version: ruby 2.6.1p33 (2019-01-30 revision 66950) [x86_64-linux], and rails -v: Rails 5.0.7.2
Bundle info argon2 gives
* argon2 (2.0.2)
Summary: Argon2 Password hashing binding
Homepage: https://github.com/technion/ruby-argon2
Path: /home/csbarton/.rvm/gems/ruby-2.6.1/gems/argon2-2.0.2
Lockbox is working in the rails console to encrypt/decrypt strings, but when I run the following console commands:
n = User.new
n.email="test@email.com"
I get the error :
NoMethodError (undefined method `argon2id_hash_raw' for Argon2::KDF::FFI:Module)
Any ideas why I am not able to create a new User? Thanks!
This was a bug and has been fixed in the 0.1.2 release (source: am maintainer)