diff --git a/src/CryptKey.php b/src/CryptKey.php index 8b1ed1107..d04c60512 100644 --- a/src/CryptKey.php +++ b/src/CryptKey.php @@ -29,8 +29,9 @@ class CryptKey /** * @param string $keyPath * @param null|string $passPhrase + * @param bool $keyPermissionsCheck */ - public function __construct($keyPath, $passPhrase = null) + public function __construct($keyPath, $passPhrase = null, $keyPermissionsCheck = true) { if (preg_match(self::RSA_KEY_PATTERN, $keyPath)) { $keyPath = $this->saveKeyToFile($keyPath); @@ -44,20 +45,16 @@ public function __construct($keyPath, $passPhrase = null) throw new \LogicException(sprintf('Key path "%s" does not exist or is not readable', $keyPath)); } - // Verify the permissions of the key - $keyPathPerms = decoct(fileperms($keyPath) & 0777); - if ($keyPathPerms !== '600') { - // Attempt to correct the permissions - if (chmod($keyPath, 0600) === false) { + if ($keyPermissionsCheck === true) { + // Verify the permissions of the key + $keyPathPerms = decoct(fileperms($keyPath) & 0777); + if (in_array($keyPathPerms, ['600', '660'], true) === false) { // @codeCoverageIgnoreStart - trigger_error( - sprintf( - 'Key file "%s" permissions are not correct, should be 600 instead of %s, unable to automatically resolve the issue', - $keyPath, - $keyPathPerms - ), - E_USER_NOTICE - ); + trigger_error(sprintf( + 'Key file "%s" permissions are not correct, should be 600 or 660 instead of %s', + $keyPath, + $keyPathPerms + ), E_USER_NOTICE); // @codeCoverageIgnoreEnd } }