Route key_exchange_group over to DevTools.

net/ssl/ssl_info.cc

Index: net/ssl/ssl_info.cc
diff --git a/net/ssl/ssl_info.cc b/net/ssl/ssl_info.cc
index 12b3d4a5a17a63f8933b589af2d2414efad82728..d8b7aa63c50df1a8e90d05880fd3f3548b3be312 100644
--- a/net/ssl/ssl_info.cc
+++ b/net/ssl/ssl_info.cc
@@ -4,11 +4,14 @@
 
 #include "net/ssl/ssl_info.h"
 
+#include <openssl/ssl.h>
+
 #include "base/pickle.h"
 #include "net/cert/cert_status_flags.h"
 #include "net/cert/ct_policy_status.h"
 #include "net/cert/signed_certificate_timestamp.h"
 #include "net/cert/x509_certificate.h"
+#include "net/ssl/ssl_connection_status_flags.h"
 
 namespace net {
 
@@ -71,6 +74,24 @@ void SSLInfo::Reset() {
   ocsp_result = OCSPVerifyResult();
 }
 
+uint16_t SSLInfo::GetKeyExchangeGroup() const {
+  // key_exchange_info is sometimes the (EC)DH group ID and sometimes a
+  // completely different value.
+  //
+  // TODO(davidben): Once the DHE removal has stuck, remove key_exchange_info
+  // from this struct, doing all necessary conversions when parsing out of
+  // legacy cache entries. At that point, this accessor may be replaced with the
+  // struct field. See https://crbug.com/639421.
+  //
+  // TODO(davidben): When TLS 1.3 draft 15's new negotiation is implemented,
+  // also report key_exchange_info for the new AEAD/PRF ciphers.
+  uint16_t cipher_value = SSLConnectionStatusToCipherSuite(connection_status);
+  const SSL_CIPHER* cipher = SSL_get_cipher_by_value(cipher_value);
+  if (cipher && SSL_CIPHER_is_ECDHE(cipher))
+    return static_cast<uint16_t>(key_exchange_info);
+  return 0;
+}
+
 void SSLInfo::SetCertError(int error) {
   cert_status |= MapNetErrorToCertStatus(error);
 }