Hello, I working on a custom integration between Salesforce and Zoom. I’ve set up a marketplace account and installed the Zoom app from AppExchange on my developer edition.
I am able to connect to Zoom via Apex and Postman using the token generated in the “App Credentials” tab. Next, I would like to create the token programmatically using Apex in order to create/update/delete meetings on Zoom via the REST API.
However, running the Apex code below results in “System.SecurityException: Invalid Crypto Key”.
string headerJson = '{"alg": "HS256","typ": "JWT"}';
string payloadJson = '{"iss": "jGim2wjTQROu6r6O_-KbJA", "exp": 1562594400}'; // 07/08/2019 @ 2:00pm (UTC)
string token = EncodingUtil.base64Encode(Blob.valueOf(headerJson)) + '.' + EncodingUtil.base64Encode(Blob.valueOf(payloadJson));
Blob key = EncodingUtil.base64Decode('[API Secret]');
Blob signature = Crypto.sign('RSA-SHA256', Blob.valueOf(token), key);
The documentation for the Crypto.sign method states that “The value of privateKey must be decoded using the EncodingUtilbase64Decode method, and should be in RSA’s PKCS #8 (1.2) Private-Key Information Syntax Standard form. The value cannot exceed 4 KB.”.
Therefore, I tried using openssl to generate a PKCS #8 package.
I first created a file called server.key that had the contents below:
-----BEGIN RSA PRIVATE KEY-----
[API Secret]
-----END RSA PRIVATE KEY-----
And then ran the command to generate the PKCS #8 package but the command failed:
openssl pkcs8 -topk8 -in server.key -out server-pkcs8.key -nocrypt
unable to load key
4294956672:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:157:
4294956672:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1208:
4294956672:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:386:Type=RSA
4294956672:error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib:rsa_ameth.c:121:
4294956672:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:157:
4294956672:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1208:
4294956672:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:386:Type=PKCS8_PRIV_KEY_INFO
4294956672:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:142:
I am unable to sign the token or to convert the API Secret to the PKCS #8 form.
Please let me know if there is a different key apart from “API Secret” field shown on the App Credentials tab that I must use.
Thank you.