diff --git a/encryption/spiral/spiral.go b/encryption/spiral/spiral.go
index 820d29c..ae2fe3f 100644
--- a/encryption/spiral/spiral.go
+++ b/encryption/spiral/spiral.go
@@ -2,12 +2,13 @@
 package spiral
 
 import (
+ "crypto/aes"
+ "crypto/cipher"
 "errors"
 "fmt"
 "strings"
 
 "archgrid.xyz/ag/toolsbox/encryption"
- "archgrid.xyz/ag/toolsbox/encryption/aes"
 "archgrid.xyz/ag/toolsbox/hash/sha512"
 verifyCode "archgrid.xyz/ag/toolsbox/random/verify_code"
 "archgrid.xyz/ag/toolsbox/serialize/base64"
@@ -21,25 +22,34 @@ const (
 )
 
 // 根据给定的密钥字符串生成加解密使用的密钥。
+// 与Rust版本兼容:使用SHA512 hex字符串的字节表示。
 func generateKey(key string) []byte {
- keyBytes := sha512.Sha512([]byte(key))
- return keyBytes[4:36]
+ hexStr := sha512.Sha512Hex([]byte(key))
+ // 取hex字符串的第4-36字节(对应Rust版本)
+ return []byte(hexStr[4:36])
 }
 
 // 对给定的数据进行加密。
 func Encrypt(data string, strength ...Strength) (string, error) {
- var ivGen aes.IVGenerator
- if append(strength, Enhanced)[0] == Compatible {
- ivGen = aes.PrefixIVGenerator
- } else {
- ivGen = aes.XorIVGenerator
- }
 key := verifyCode.RandStr(20)
 keyBytes := generateKey(key)
- cipherData, err := aes.Encrypt([]byte(data), keyBytes, encryption.PKCS7Padding, ivGen)
+
+ // 直接使用crypto/aes,避免二次SHA256哈希
+ block, err := aes.NewCipher(keyBytes)
 if err != nil {
- return "", fmt.Errorf("加密计算失败,%w", err)
+ return "", fmt.Errorf("创建加密单元失败,%w", err)
 }
+
+ // 使用key的前16字节作为IV(与Rust版本PrefixIVGenerator对应)
+ iv := keyBytes[:16]
+
+ // PKCS7 padding
+ plainText := encryption.Padding([]byte(data), block.BlockSize(), encryption.PKCS7Padding)
+
+ cipherData := make([]byte, len(plainText))
+ mode := cipher.NewCBCEncrypter(block, iv)
+ mode.CryptBlocks(cipherData, plainText)
+
 var result strings.Builder
 result.WriteString("[")
 result.WriteString(key)
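Review bot: The IV in Encrypt is taken from the key itself (`iv := keyBytes[:16]`), and generateKey now returns 32 ASCII hex characters, so every key byte has only 16 possible values and the AES-256 key carries at most 128 bits. Since `result.WriteString(key)` also places the seed in the output, the doc comment on Encrypt should state plainly that this is a reversible encoding and not confidentiality protection, e.g. `// NOTE: the key seed travels with the ciphertext; do not rely on this to protect secrets.` The `strength` parameter is still accepted but no longer read (Decrypt in the next hunk does the same), so a caller passing `Enhanced` silently gets the prefix-IV scheme; judging from the removed lines, output produced under the old default would no longer decrypt. I would either return an error for unsupported values or mark the parameter as deprecated in the comment. Encrypt's body continues past the end of this hunk.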
@@ -49,24 +59,32 @@ func Encrypt(data string, strength ...Strength) (string, error) {
 
 // 对给定的数据进行解密。
 func Decrypt(data string, strength ...Strength) (string, error) {
- var ivGen aes.IVGenerator
- if append(strength, Enhanced)[0] == Compatible {
- ivGen = aes.PrefixIVGenerator
- } else {
- ivGen = aes.XorIVGenerator
- }
 if message, found := strings.CutPrefix(data, "["); found {
 if len(message) > 20 {
 keySeed := message[:20]
- key := generateKey(keySeed)
+ keyBytes := generateKey(keySeed)
+
 cipherData, err := base64.FromBase64(message[20:])
 if err != nil {
 return "", fmt.Errorf("密文损坏无法解析,%w", err)
 }
- plainText, err := aes.Decrypt(cipherData, key, encryption.PKCS7Padding, ivGen)
+
+ // 直接使用crypto/aes,避免二次SHA256哈希
+ block, err := aes.NewCipher(keyBytes)
 if err != nil {
- return "", fmt.Errorf("密文解密计算失败,%w", err)
+ return "", fmt.Errorf("创建加密单元失败,%w", err)
 }
+
+ // 使用key的前16字节作为IV(与Rust版本对应)
+ iv := keyBytes[:16]
+
+ plainText := make([]byte, len(cipherData))
+ mode := cipher.NewCBCDecrypter(block, iv)
+ mode.CryptBlocks(plainText, cipherData)
+
+ // PKCS7 unpadding
+ plainText = encryption.Unpadding(plainText, encryption.PKCS7Padding)
+
 return string(plainText), nil
 }
 return "", errors.New("密文缺损,无法完成解密。")
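Review bot: `mode.CryptBlocks(plainText, cipherData)` in Decrypt panics when its input is not a whole number of AES blocks, and `cipherData` here is base64-decoded caller input with no length check, so a truncated or altered value crashes the caller instead of returning an error. Add a guard before `cipher.NewCBCDecrypter`: `if len(cipherData) == 0 || len(cipherData)%aes.BlockSize != 0 { return "", errors.New("密文长度不合法") }`. `encryption.Unpadding` is used here with a single return value, so malformed padding cannot be reported to the caller either; its behaviour on an invalid final byte is not visible in this diff and should be confirmed. Decrypt's closing lines fall outside the hunk.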