Archived Forum Post

Index of archived forum posts

Question:

SSH Key fails with "P is not prime"

Nov 26 '12 at 11:30

I use the class CkSshKey and the function FromOpenSshPublicKey.

The verification of my public key file failed. The LastErrorText contains the following text:

VerifyRsaKey:
    P is not prime.

I did not find any error description in the documentation that will explained the error. What is going wrong?


Answer

The problem is that the key is not a valid one. The "P" part of the key should be a large prime number. The software that produced the key created one that did not use a prime number for the "P".

See this: http://en.wikipedia.org/wiki/RSA_%28algorithm%29

Key generation

RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. The keys for the RSA algorithm are generated the following way:

Choose two distinct prime numbers p and q.

For security purposes, the integers p and q should be chosen at random, and should be of similar bit-length. Prime integers can be efficiently found using a primality test.

Unfortunately, the only solution is to re-generate a new key such that the p and q are valid prime numbers. There are computational issues w/ using non-prime numbers, and it wouldn't be a good idea to use a key where these parts are not prime.