You can use something like this(replace yourCredential
with your Credential
object):
StaticKeyInfoCredentialResolver keyresolver =
new StaticKeyInfoCredentialResolver(yourCredential);
Decrypter samlDecrypter = new Decrypter(null, keyresolver, new InlineEncryptedKeyResolver());
Assertion assertion = samlDecrypter.decrypt(response.getEncryptedAssertions().get(0));
If your scenario is more complicated, a more detailed example can be found here on shibboleth's wiki: Link