From 6e59505bb297e5a3ea7ad90734c75111122e72b7 Mon Sep 17 00:00:00 2001
From: Andrew Thoelke
Date: Mon, 7 Oct 2019 22:27:17 +0100
Subject: [PATCH] Recommend use of GREASE values for vendor defined DH groups

---
 include/psa/crypto_types.h | 30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index dfc17a95f..c4f9acd46 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -111,9 +111,35 @@ typedef uint16_t psa_ecc_curve_t;
  * 1. Select a ::psa_dh_group_t value in the range #PSA_DH_GROUP_VENDOR_MIN to
  * #PSA_DH_GROUP_VENDOR_MAX, which is a subset of the IANA private use
  * range.
- * 2. Use a ::psa_key_type_t value that is vendor-defined.
+ * 2. Select a ::psa_dh_group_t value from the named groups allocated for
+ * GREASE in the IETF draft specification. The GREASE specification and
+ * values are listed below.
+ * 3. Use a ::psa_key_type_t value that is vendor-defined.
  *
- * The first option is recommended.
+ * Option 1 or 2 are recommended.
+ *
+ * The current draft of the GREASE specification is
+ * https://datatracker.ietf.org/doc/draft-ietf-tls-grease
+ *
+ * The following GREASE values are allocated for named groups:
+ * \code
+ * 0x0A0A
+ * 0x1A1A
+ * 0x2A2A
+ * 0x3A3A
+ * 0x4A4A
+ * 0x5A5A
+ * 0x6A6A
+ * 0x7A7A
+ * 0x8A8A
+ * 0x9A9A
+ * 0xAAAA
+ * 0xBABA
+ * 0xCACA
+ * 0xDADA
+ * 0xEAEA
+ * 0xFAFA
+ * \endcode
  */
 typedef uint16_t psa_dh_group_t;
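Review bot: The new option 2 text does not say what a GREASE value means to a TLS peer, which matters if an integrator passes a ::psa_dh_group_t straight through as a TLS named group (the hunk does not show whether that mapping is intended). The GREASE draft reserves these code points so that peers ignore them and never select them, so a vendor group identified this way cannot be negotiated on the wire. The 16 values are also shared by every implementation, so two vendors can give the same value to different groups. I would add after the value list something like `GREASE values are never assigned by IANA; use them only as local identifiers for a vendor group, and do not rely on them being unique across vendors.` Smaller wording points: `Option 1 or 2 are recommended` should be `Option 1 or 2 is recommended`, and the draft link will go stale once the document is published. The comment block begins above the hunk.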