fix: 加密修改

core/src/main/java/com/kakarote/core/security/EncryptionService.java

@@ -5,6 +5,7 @@ import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
+import javax.crypto.AEADBadTagException;
 import javax.crypto.Cipher;
 import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
@@ -123,7 +124,9 @@ public class EncryptionService {
             // 执行解密
             byte[] plaintext = cipher.doFinal(decoded);
             return new String(plaintext, StandardCharsets.UTF_8);
-        } catch (Exception e) {
+        } catch (AEADBadTagException e) {
+            return decryptAes(ciphertext);
+        }catch (Exception e) {
             log.error("确定性AES解密失败", e);
             throw new SecurityException("数据解密失败", e);
         }

core/src/main/java/com/kakarote/core/security/converter/SensitiveDataConverter.java

@@ -33,6 +33,16 @@ public class SensitiveDataConverter extends AbstractJsonTypeHandler<String> impl
         this.encryptionService = encryptionService;
     }
 
+    public String getNullableResult(ResultSet resultSet, String s) throws SQLException {
+        String value = resultSet.getString(s);
+        if (value != null && value.startsWith(Const.ENCRYPTED_PREFIX)) {
+            // 修复：使用deterministicDecryptAes方法解密由deterministicEncryptAes加密的数据
+            String encryptedValue = value.substring(Const.ENCRYPTED_PREFIX.length());
+            value = getEncryptionService().deterministicDecryptAes(encryptedValue);
+        }
+        return value;
+    }
+
     @Override
     public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
         SensitiveDataConverter.applicationContext = applicationContext;
@@ -54,22 +64,14 @@ public class SensitiveDataConverter extends AbstractJsonTypeHandler<String> impl
         preparedStatement.setString(i, s);
     }
 
-    @Override
-    public String getNullableResult(ResultSet resultSet, String s) throws SQLException {
-        String value = resultSet.getString(s);
-        if (value != null && value.startsWith(Const.ENCRYPTED_PREFIX)) {
-            // 修复：移除前缀后再解密
-            value = getEncryptionService().decryptAes(value.substring(Const.ENCRYPTED_PREFIX.length()));
-        }
-        return value;
-    }
 
     @Override
     public String getNullableResult(ResultSet resultSet, int i) throws SQLException {
         String value = resultSet.getString(i);
         if (value != null && value.startsWith(Const.ENCRYPTED_PREFIX)) {
-            // 修复：移除前缀后再解密
-            value = getEncryptionService().decryptAes(value.substring(Const.ENCRYPTED_PREFIX.length()));
+            // 修复：使用deterministicDecryptAes方法解密由deterministicEncryptAes加密的数据
+            String encryptedValue = value.substring(Const.ENCRYPTED_PREFIX.length());
+            value = getEncryptionService().deterministicDecryptAes(encryptedValue);
         }
         return value;
     }
@@ -78,8 +80,9 @@ public class SensitiveDataConverter extends AbstractJsonTypeHandler<String> impl
     public String getNullableResult(CallableStatement callableStatement, int i) throws SQLException {
         String value = callableStatement.getString(i);
         if (value != null && value.startsWith(Const.ENCRYPTED_PREFIX)) {
-            // 修复：移除前缀后再解密
-            value = getEncryptionService().decryptAes(value.substring(Const.ENCRYPTED_PREFIX.length()));
+            // 修复：使用deterministicDecryptAes方法解密由deterministicEncryptAes加密的数据
+            String encryptedValue = value.substring(Const.ENCRYPTED_PREFIX.length());
+            value = getEncryptionService().deterministicDecryptAes(encryptedValue);
         }
         return value;
     }