39 	 * -- Don't use 3DES if AES or ChaCha20 is available.  in br_ssl_client_init_full()
40 	 * -- Try to have Forward Secrecy (ECDHE suite) if possible.  in br_ssl_client_init_full()
41 	 * -- When not using Forward Secrecy, ECDH key exchange is  in br_ssl_client_init_full()
45 	 * -- ChaCha20+Poly1305 is better than AES/GCM (faster, smaller code).  in br_ssl_client_init_full()
46 	 * -- GCM is better than CCM and CBC. CCM is better than CBC.  in br_ssl_client_init_full()
47 	 * -- CCM is preferable over CCM_8 (with CCM_8, forgeries may succeed  in br_ssl_client_init_full()
48 	 *    with probability 2^(-64)).  in br_ssl_client_init_full()
49 	 * -- AES-128 is preferred over AES-256 (AES-128 is already  in br_ssl_client_init_full()
50 	 *    strong enough, and AES-256 is 40% more expensive).  in br_ssl_client_init_full()
117 	 * Reset client context and set supported versions from TLS-1.0  in br_ssl_client_init_full()
118 	 * to TLS-1.2 (inclusive).  in br_ssl_client_init_full()
121 	br_ssl_engine_set_versions(&cc->eng, BR_TLS10, BR_TLS12);  in br_ssl_client_init_full()
124 	 * X.509 engine uses SHA-256 to hash certificate DN (for  in br_ssl_client_init_full()
136 	br_ssl_engine_set_suites(&cc->eng, suites,  in br_ssl_client_init_full()
139 	br_ssl_engine_set_default_rsavrfy(&cc->eng);  in br_ssl_client_init_full()
140 	br_ssl_engine_set_default_ecdsa(&cc->eng);  in br_ssl_client_init_full()
141 	br_x509_minimal_set_rsa(xc, br_ssl_engine_get_rsavrfy(&cc->eng));  in br_ssl_client_init_full()
143 		br_ssl_engine_get_ec(&cc->eng),  in br_ssl_client_init_full()
144 		br_ssl_engine_get_ecdsa(&cc->eng));  in br_ssl_client_init_full()
153 		hc = hashes[id - 1];  in br_ssl_client_init_full()
154 		br_ssl_engine_set_hash(&cc->eng, id, hc);  in br_ssl_client_init_full()
161 	br_ssl_engine_set_x509(&cc->eng, &xc->vtable);  in br_ssl_client_init_full()
166 	br_ssl_engine_set_prf10(&cc->eng, &br_tls10_prf);  in br_ssl_client_init_full()
167 	br_ssl_engine_set_prf_sha256(&cc->eng, &br_tls12_sha256_prf);  in br_ssl_client_init_full()
168 	br_ssl_engine_set_prf_sha384(&cc->eng, &br_tls12_sha384_prf);  in br_ssl_client_init_full()
172 	 * (fastest among constant-time implementations).  in br_ssl_client_init_full()
174 	br_ssl_engine_set_default_aes_cbc(&cc->eng);  in br_ssl_client_init_full()
175 	br_ssl_engine_set_default_aes_ccm(&cc->eng);  in br_ssl_client_init_full()
176 	br_ssl_engine_set_default_aes_gcm(&cc->eng);  in br_ssl_client_init_full()
177 	br_ssl_engine_set_default_des_cbc(&cc->eng);  in br_ssl_client_init_full()
178 	br_ssl_engine_set_default_chapol(&cc->eng);  in br_ssl_client_init_full()