Scenario: Imagine I want to create an app where users can share encrypted documents with other users, but have certain permissions with regards to what kind of permissions the user they are sharing with has on their shared document.
Example: Imagine that Bob has a document, which he encrypted with Alice's public key, as wants to share the document with Alice. However, Bob only wants to give Alice read permission, and no other permissions, to the document.
My question, is there a library or standard approach for adding a permission layer over RSA keys in this way (or similar), where permissions can be checked, added or revoked for a given key pair, or is this something that has to be handled manually in my application code?
I was wondering if something along the lines of the native Unix permission system for files for the user,group and other users, utilizing bit masks for their read, write or execute permissions, but on the scope a key pair.
I've looked and can't seem to find a library that does this, not entirely sure what to search for keyword-wise. Thanks in advance!
Edit: One approach I managed to read about involved using a simple SQL table for the permissions on a resource which was modified using SQL, but I was wondering if there's a better way to do this, something that isn't entirely reliant on database security, but more mathematical difficulty in the event that an attacker wanted to alter stored permissions
