Add toggle to disable key permissions check

This commit is contained in:
David Hancock 2017-11-28 09:03:40 +00:00
parent 8e5df6d628
commit 696c78de58

View File

@ -29,8 +29,9 @@ class CryptKey
/** /**
* @param string $keyPath * @param string $keyPath
* @param null|string $passPhrase * @param null|string $passPhrase
* @param bool $keyPermissionsCheck
*/ */
public function __construct($keyPath, $passPhrase = null) public function __construct($keyPath, $passPhrase = null, $keyPermissionsCheck = true)
{ {
if (preg_match(self::RSA_KEY_PATTERN, $keyPath)) { if (preg_match(self::RSA_KEY_PATTERN, $keyPath)) {
$keyPath = $this->saveKeyToFile($keyPath); $keyPath = $this->saveKeyToFile($keyPath);
@ -44,20 +45,16 @@ class CryptKey
throw new \LogicException(sprintf('Key path "%s" does not exist or is not readable', $keyPath)); throw new \LogicException(sprintf('Key path "%s" does not exist or is not readable', $keyPath));
} }
if ($keyPermissionsCheck === true) {
// Verify the permissions of the key // Verify the permissions of the key
$keyPathPerms = decoct(fileperms($keyPath) & 0777); $keyPathPerms = decoct(fileperms($keyPath) & 0777);
if ($keyPathPerms !== '600') { if (in_array($keyPathPerms, ['600', '660'], true) === false) {
// Attempt to correct the permissions
if (chmod($keyPath, 0600) === false) {
// @codeCoverageIgnoreStart // @codeCoverageIgnoreStart
trigger_error( trigger_error(sprintf(
sprintf( 'Key file "%s" permissions are not correct, should be 600 or 660 instead of %s',
'Key file "%s" permissions are not correct, should be 600 instead of %s, unable to automatically resolve the issue',
$keyPath, $keyPath,
$keyPathPerms $keyPathPerms
), ), E_USER_NOTICE);
E_USER_NOTICE
);
// @codeCoverageIgnoreEnd // @codeCoverageIgnoreEnd
} }
} }