Thank you for quick reply,
we are integration with 3rd party application, doc for that apps says:
1. Before signing the SAML response, the Yodlee attributes have to be encrypted.
2. The encryption is done by generating a temporary symmetric key.
Temporary Key Algorithm - AES
Temporary Key Size - 128
Temporary Key Transformation (one of these two):
3. Using this generated temporary key, encrypt the Yodlee attributes.
4. The encrypted text should be encoded with Base64 encoding.
5. The temporary key should be wrapped/encrypted with the Yodlee public key using the
Wrapping Key Algorithm - RSA
Wrapping Key Transaction - RSA/ECB/PKCS1Padding
6. The wrapped key should be encoded with Base64 encoding.
7. Then, the encoded key and encoded text should be sent along with the response in
the format of: <base64encodedcipherkey>:<base64encodedciphertext>
so we don't have much choice here.