From 33561bcc802b7667fb2640c13d2ae2658c7abfcb Mon Sep 17 00:00:00 2001
From: mouyong <my24251325@gmail.com>
Date: Wed, 23 Jul 2025 22:34:26 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=94=A8=E6=88=B7=E6=8F=90?=
 =?UTF-8?q?=E4=BE=9B=E7=9A=84=20=E5=AF=86=E9=92=A5=E5=A4=AA=E7=9F=AD?=
 =?UTF-8?q?=E5=AF=BC=E8=87=B4=E6=97=A0=E6=B3=95=E4=BF=9D=E5=AD=98=E6=8E=88?=
 =?UTF-8?q?=E6=9D=83=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/services/geminiAccountService.js | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/services/geminiAccountService.js b/src/services/geminiAccountService.js
index a0a76dda..f38721a7 100644
--- a/src/services/geminiAccountService.js
+++ b/src/services/geminiAccountService.js
@@ -21,9 +21,14 @@ const OAUTH_SCOPES = ['https://www.googleapis.com/auth/cloud-platform'];
 
 // 加密相关常量
 const ALGORITHM = 'aes-256-cbc';
-const ENCRYPTION_KEY = Buffer.from(config.security.encryptionKey, 'hex');
+const ENCRYPTION_SALT = 'gemini-account-salt';
 const IV_LENGTH = 16;
 
+// 生成加密密钥（使用与 claudeAccountService 相同的方法）
+function generateEncryptionKey() {
+  return crypto.scryptSync(config.security.encryptionKey, ENCRYPTION_SALT, 32);
+}
+
 // Gemini 账户键前缀
 const GEMINI_ACCOUNT_KEY_PREFIX = 'gemini_account:';
 const SHARED_GEMINI_ACCOUNTS_KEY = 'shared_gemini_accounts';
@@ -32,8 +37,9 @@ const ACCOUNT_SESSION_MAPPING_PREFIX = 'gemini_session_account_mapping:';
 // 加密函数
 function encrypt(text) {
   if (!text) return '';
+  const key = generateEncryptionKey();
   const iv = crypto.randomBytes(IV_LENGTH);
-  const cipher = crypto.createCipheriv(ALGORITHM, ENCRYPTION_KEY, iv);
+  const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
   let encrypted = cipher.update(text);
   encrypted = Buffer.concat([encrypted, cipher.final()]);
   return iv.toString('hex') + ':' + encrypted.toString('hex');
@@ -43,10 +49,11 @@ function encrypt(text) {
 function decrypt(text) {
   if (!text) return '';
   try {
+    const key = generateEncryptionKey();
     const textParts = text.split(':');
     const iv = Buffer.from(textParts.shift(), 'hex');
     const encryptedText = Buffer.from(textParts.join(':'), 'hex');
-    const decipher = crypto.createDecipheriv(ALGORITHM, ENCRYPTION_KEY, iv);
+    const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
     let decrypted = decipher.update(encryptedText);
     decrypted = Buffer.concat([decrypted, decipher.final()]);
     return decrypted.toString();
@@ -670,4 +677,4 @@ module.exports = {
   isTokenExpired,
   OAUTH_CLIENT_ID,
   OAUTH_SCOPES
-};
\ No newline at end of file
+};