Route key_exchange_group over to DevTools.

chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
 
+#include <openssl/ssl.h>
+
 #include "base/command_line.h"
 #include "base/files/file_path.h"
 #include "base/macros.h"
 #include "base/strings/string_split.h"
 #include "base/strings/utf_string_conversions.h"
 #include "chrome/browser/ssl/cert_verifier_browser_test.h"
 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
 #include "chrome/browser/ssl/ssl_blocking_page.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/browser/ui/browser_commands.h"
@@ skipping 155 matching lines @@
       net::SSLConnectionStatusToVersion(security_info.connection_status);
   net::SSLVersionToString(&protocol, ssl_version);
   bool is_aead;
   uint16_t cipher_suite =
       net::SSLConnectionStatusToCipherSuite(security_info.connection_status);
   net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead,
                                cipher_suite);
   EXPECT_TRUE(is_aead);
   EXPECT_EQ(NULL, mac);  // The default secure cipher does not have a MAC.
 
+  base::string16 key_exchange_name = base::ASCIIToUTF16(key_exchange);
+  if (security_info.key_exchange_group != 0) {

[lgarron, 2016/09/02 22:45:33]

Hmm, I specifically wanted to avoid branching in this function, to avoid the
chance of dead code paths, and to reduce code duplication with the thing being
tested. (Hence assuming/checking that the MAC is NULL instead of handling that
case.)

Does this actually get hit? If so, then that sounds fine to me.

[davidben, 2016/09/02 22:46:56]

Yeah, it definitely gets hit. That's what prompted the unit test. We're going to
need more branching later anyway for TLS 1.3 stuff.

+    key_exchange_name = l10n_util::GetStringFUTF16(
+        IDS_SSL_KEY_EXCHANGE_WITH_GROUP, key_exchange_name,
+        base::ASCIIToUTF16(
+            SSL_get_curve_name(security_info.key_exchange_group)));
+  }
+
   std::vector<base::string16> description_replacements;
   description_replacements.push_back(base::ASCIIToUTF16(protocol));
-  description_replacements.push_back(base::ASCIIToUTF16(key_exchange));
+  description_replacements.push_back(key_exchange_name);
   description_replacements.push_back(base::ASCIIToUTF16(cipher));
   base::string16 secure_description = l10n_util::GetStringFUTF16(
       IDS_STRONG_SSL_DESCRIPTION, description_replacements, nullptr);
 
   EXPECT_EQ(secure_description,
             base::ASCIIToUTF16(secure_explanations.back().description));
 }
 
 void CheckSecurityInfoForSecure(
     content::WebContents* contents,
@@ skipping 1200 matching lines @@
   ChromeSecurityStateModelClient* model_client =
       ChromeSecurityStateModelClient::FromWebContents(web_contents);
   ASSERT_TRUE(model_client);
   const SecurityStateModel::SecurityInfo& security_info =
       model_client->GetSecurityInfo();
   EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level);
   EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses);
 }
 
 }  // namespace