diff --git a/src/SKIT.FlurlHttpClient.Wechat.Api/Utilities/AESUtility.cs b/src/SKIT.FlurlHttpClient.Wechat.Api/Utilities/AESUtility.cs
index 40239248..07d0a63f 100644
--- a/src/SKIT.FlurlHttpClient.Wechat.Api/Utilities/AESUtility.cs
+++ b/src/SKIT.FlurlHttpClient.Wechat.Api/Utilities/AESUtility.cs
@@ -11,13 +11,13 @@ namespace SKIT.FlurlHttpClient.Wechat.Api.Utilities
     public static class AESUtility
     {
         /// <summary>
-        /// 解密数据。
+        /// 基于 CBC 模式解密数据。
         /// </summary>
         /// <param name="keyBytes">AES 密钥字节数组。</param>
         /// <param name="ivBytes">加密使用的初始化向量字节数组。</param>
         /// <param name="cipherBytes">待解密数据字节数组。</param>
         /// <returns>解密后的数据字节数组。</returns>
-        public static byte[] Decrypt(byte[] keyBytes, byte[] ivBytes, byte[] cipherBytes)
+        public static byte[] DecryptWithCBC(byte[] keyBytes, byte[] ivBytes, byte[] cipherBytes)
         {
             if (keyBytes == null) throw new ArgumentNullException(nameof(keyBytes));
             if (ivBytes == null) throw new ArgumentNullException(nameof(ivBytes));
@@ -25,32 +25,29 @@ namespace SKIT.FlurlHttpClient.Wechat.Api.Utilities
 
             using (SymmetricAlgorithm aes = Aes.Create())
             {
+                aes.Mode = CipherMode.CBC;
+                aes.Padding = PaddingMode.PKCS7;
                 aes.Key = keyBytes;
                 aes.IV = ivBytes;
 
-                using (Stream ms = new MemoryStream(cipherBytes))
-                using (Stream cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Read))
-                {
-                    byte[] plainBytes = new byte[cipherBytes.Length];
-                    cs.Read(plainBytes, 0, plainBytes.Length);
-                    return plainBytes;
-                }
+                using ICryptoTransform transform = aes.CreateDecryptor();
+                return transform.TransformFinalBlock(cipherBytes, 0, cipherBytes.Length);
             }
         }
 
         /// <summary>
-        /// 解密数据。
+        /// 基于 CBC 模式解密数据。
         /// </summary>
         /// <param name="encodingKey">经 Base64 编码后的 AES 密钥。</param>
         /// <param name="encodingIV">经 Base64 编码后的 AES 初始化向量。</param>
         /// <param name="encodingCipherText">经 Base64 编码后的待解密数据。</param>
         /// <returns>解密后的文本数据。</returns>
-        public static string Decrypt(string encodingKey, string encodingIV, string encodingCipherText)
+        public static string DecryptWithCBC(string encodingKey, string encodingIV, string encodingCipherText)
         {
             if (encodingKey == null) throw new ArgumentNullException(nameof(encodingKey));
             if (encodingCipherText == null) throw new ArgumentNullException(nameof(encodingCipherText));
 
-            byte[] plainBytes = Decrypt(
+            byte[] plainBytes = DecryptWithCBC(
                 keyBytes: Convert.FromBase64String(encodingKey),
                 ivBytes: Convert.FromBase64String(encodingIV),
                 cipherBytes: Convert.FromBase64String(encodingCipherText)