看下这个https://blog.csdn.net/wangjia55/article/details/80623271

申明:借鉴于 https://blog.csdn.net/wangjia55/article/details/80623271 这位大佬的代码,自己重新封装了工具类
步骤 1: 引入解密相关pom依赖

<dependency>
    <groupId>org.codehaus.xfire</groupId>
    <artifactId>xfire-core</artifactId>
    <version>1.2.6</version>
</dependency>
<dependency>
    <groupId>org.bouncycastle</groupId>
    <artifactId>bcprov-jdk16</artifactId>
    <version>1.46</version>
</dependency>

步骤 2: 详见代码
package com.qhg.wxproject.wxapi.utils;

import com.alibaba.fastjson.JSONObject;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.codehaus.xfire.util.Base64;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.security.*;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;

/**
 * 项目名：wxproject
 * 包  名：com.qhg.wxproject.wxapi.utils
 * 创建者：乔回国
 * 创建时间：2020/10/20 23:32
 * 描述：
 */
public class WxBizDataCrypt {
   private String appId;
   private String sessionKey;

   public WxBizDataCrypt(String appId, String sessionKey) {
      this.appId = appId;
      this.sessionKey = sessionKey;
   }

   /**
    * 微信数据解密
    *
    * @param encryptedData
    * @param iv
    * @return
    */
   public JSONObject decryptData(String encryptedData, String iv) {

      // 被加密的数据
      byte[] dataByte = Base64.decode(encryptedData);
      // 加密秘钥
      byte[] keyByte = Base64.decode(sessionKey);
      // 偏移量
      byte[] ivByte = Base64.decode(iv);
      try {
         // 如果密钥不足16位，那么就补足.  这个if 中的内容很重要
         int base = 16;
         if (keyByte.length % base != 0) {
            int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
            byte[] temp = new byte[groups * base];
            Arrays.fill(temp, (byte) 0);
            System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
            keyByte = temp;
         }
         // 初始化
         Security.addProvider(new BouncyCastleProvider());
         Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
         SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
         AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
         parameters.init(new IvParameterSpec(ivByte));
         cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
         byte[] resultByte = cipher.doFinal(dataByte);
         if (null != resultByte && resultByte.length > 0) {
            String result = new String(resultByte, "UTF-8");
            return JSONObject.parseObject(result);
         }
      } catch (NoSuchAlgorithmException e) {
         e.printStackTrace();
      } catch (NoSuchPaddingException e) {
         e.printStackTrace();
      } catch (InvalidParameterSpecException e) {
         e.printStackTrace();
      } catch (IllegalBlockSizeException e) {
         e.printStackTrace();
      } catch (BadPaddingException e) {
         e.printStackTrace();
      } catch (UnsupportedEncodingException e) {
         e.printStackTrace();
      } catch (InvalidKeyException e) {
         e.printStackTrace();
      } catch (InvalidAlgorithmParameterException e) {
         e.printStackTrace();
      } catch (NoSuchProviderException e) {
         e.printStackTrace();
      }
      return null;

   }

   private WxBizDataCrypt() {
   }

}

步骤 3: demo

/**
 * 数据解密
 *
 * @param sessionKey
 * @param encryptedData
 * @param iv
 * @return
 */
public JSONObject decryptData(String sessionKey, String encryptedData, String iv) {
   WxBizDataCrypt wxBizDataCrypt = new WxBizDataCrypt(WxBaseConf.APP_ID, sessionKey);
   return wxBizDataCrypt.decryptData(encryptedData, iv);
}