diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 7090fce13..3b3fd3c4d 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -12,12 +12,12 @@ jobs:
       fail-fast: false
       matrix:
         php: [8.1, 8.2, 8.3]
-        os: [ubuntu-22.04]
+        os: [ubuntu-latest, windows-latest]
         stability: [prefer-lowest, prefer-stable]
 
     runs-on: ${{ matrix.os }}
 
-    name: PHP ${{ matrix.php }} - ${{ matrix.stability }}
+    name: PHP ${{ matrix.php }} - ${{ matrix.stability }} - ${{ matrix.os }}
 
     steps:
       - name: Checkout code
@@ -29,7 +29,7 @@ jobs:
         uses: shivammathur/setup-php@v2
         with:
           php-version: ${{ matrix.php }}
-          extensions: dom, curl, libxml, mbstring, zip
+          extensions: dom, curl, libxml, mbstring, sodium, zip
           coverage: pcov
 
       - name: Install dependencies
diff --git a/src/CryptKey.php b/src/CryptKey.php
index 3a3bdd9d4..135a2f7b9 100644
--- a/src/CryptKey.php
+++ b/src/CryptKey.php
@@ -72,7 +72,7 @@ public function __construct(string $keyPath, protected ?string $passPhrase = nul
             throw new LogicException('Invalid key supplied');
         }
 
-        if ($keyPermissionsCheck === true) {
+        if ($keyPermissionsCheck === true && PHP_OS_FAMILY !== 'Windows') {
             // Verify the permissions of the key
             $keyPathPerms = decoct(fileperms($this->keyPath) & 0777);
             if (in_array($keyPathPerms, ['400', '440', '600', '640', '660'], true) === false) {
diff --git a/tests/AuthorizationServerTest.php b/tests/AuthorizationServerTest.php
index 6e41a17f3..f01c30638 100644
--- a/tests/AuthorizationServerTest.php
+++ b/tests/AuthorizationServerTest.php
@@ -50,6 +50,15 @@ public function setUp(): void
         chmod(__DIR__ . '/Stubs/private.key.crlf', 0600);
     }
 
+    public function testKeyPermissions(): void
+    {
+        $permission = PHP_OS_FAMILY === 'Windows' ? '666' : '600';
+
+        self::assertSame($permission, decoct(fileperms(__DIR__ . '/Stubs/private.key') & 0777));
+        self::assertSame($permission, decoct(fileperms(__DIR__ . '/Stubs/public.key') & 0777));
+        self::assertSame($permission, decoct(fileperms(__DIR__ . '/Stubs/private.key.crlf') & 0777));
+    }
+
     public function testGrantTypeGetsEnabled(): void
     {
         $server = new AuthorizationServer(