feat(health): patient_service 集成 PiiCrypto — 电话/过敏史/病史加密

- HealthState.crypto: HealthCrypto → PiiCrypto (erp-core) - create_patient: 加密 phone/allergy/medical_history + HMAC 索引 - update_patient: 同上，同步加密 - model_to_resp_decrypted: 解密所有 Tier 1 字段 - model_to_resp (列表): Tier 1 字段返回 None - list_patients 搜索: 新增 phone hash 精确搜索 - article handler: 适配新 list_articles 签名 - article 迁移: 添加 category_id 列 - error.rs: From<String> for HealthError - 集成测试: HealthCrypto → PiiCrypto::dev_default()
2026-04-26 10:37:52 +08:00
parent e0b299ccd4
commit e6f036eaf4
11 changed files with 367 additions and 51 deletions
--- a/crates/erp-health/src/module.rs
+++ b/crates/erp-health/src/module.rs
@@ -462,20 +462,19 @@ impl ErpModule for HealthModule {
    }

    async fn on_startup(&self, ctx: &erp_core::module::ModuleContext) -> erp_core::error::AppResult<()> {
-        let crypto = match crate::crypto::HealthCrypto::from_keys(
-            &std::env::var("HEALTH_AES_KEY").unwrap_or_default(),
-            &std::env::var("HEALTH_HMAC_KEY").unwrap_or_default(),
+        let crypto = match erp_core::crypto::PiiCrypto::from_kek_hex(
+            &std::env::var("ERP__CRYPTO__KEK").unwrap_or_default(),
        ) {
            Ok(c) => c,
            Err(_) => {
                #[cfg(debug_assertions)]
                {
-                    tracing::warn!("HEALTH_AES_KEY / HEALTH_HMAC_KEY 未设置或无效，使用开发默认密钥");
-                    crate::crypto::HealthCrypto::dev_default()
+                    tracing::warn!("ERP__CRYPTO__KEK 未设置或无效，使用开发默认密钥");
+                    erp_core::crypto::PiiCrypto::dev_default()
                }
                #[cfg(not(debug_assertions))]
                {
-                    panic!("HEALTH_AES_KEY 和 HEALTH_HMAC_KEY 必须设置为有效的 64 字符 hex 字符串（生产环境不允许回退到开发密钥）");
+                    panic!("ERP__CRYPTO__KEK 必须设置为有效的 64 字符 hex 字符串（生产环境不允许回退到开发密钥）");
                }
            }
        };