Open
Description
Describe the bug
As part of #1398 the dependency for "spring-security-rsa" was removed.
However, ConfigServerConfigDataLocationResolver class still refers to RsaSecretEncryptor from spring-security-rsa package.
static final boolean RSA_IS_PRESENT = ClassUtils.isPresent("org.springframework.security.rsa.crypto.RsaSecretEncryptor", (ClassLoader)null);
Note that org.springframework.security.rsa.crypto.RsaSecretEncryptor is part of "spring-security-rsa". I think it should change to use org.springframework.security.crypto.encrypt.RsaSecretEncryptor which is from "spring-security-crypto"
The above bug causes, RSA_IS_PRESENT to be false and then fails to decrypt the secret from cloud-config server and causes NullPointerException since it goes to branch which uses EncryptorFactory instead of using TextEncryptorUtils