ChromeOS cryptohome should be able to use gaia id as user identifier.

chrome/browser/profiles/profile_io_data.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/profiles/profile_io_data.h"
 
 #include <stddef.h>
 #include <string>
 #include <utility>
 
@@ skipping 277 matching lines @@
     BrowserThread::PostTask(
         BrowserThread::IO,
         FROM_HERE,
         base::Bind(&crypto::InitializeTPMForChromeOSUser,
                    username_hash, info.token_slot_id));
   } else {
     NOTREACHED() << "TPMTokenInfoGetter reported invalid token.";
   }
 }
 
-void GetTPMInfoForUserOnUIThread(const std::string& username,
+void GetTPMInfoForUserOnUIThread(const AccountId& account_id,
                                  const std::string& username_hash) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
   DVLOG(1) << "Getting TPM info from cryptohome for "
-           << " " << username << " " << username_hash;
+           << " " << account_id.Serialize() << " " << username_hash;
   scoped_ptr<chromeos::TPMTokenInfoGetter> scoped_token_info_getter =
       chromeos::TPMTokenInfoGetter::CreateForUserToken(
-          username,
-          chromeos::DBusThreadManager::Get()->GetCryptohomeClient(),
+          account_id, chromeos::DBusThreadManager::Get()->GetCryptohomeClient(),
           base::ThreadTaskRunnerHandle::Get());
   chromeos::TPMTokenInfoGetter* token_info_getter =
       scoped_token_info_getter.get();
 
   // Bind |token_info_getter| to the callback to ensure it does not go away
   // before TPM token info is fetched.
   // TODO(tbarzic, pneubeck): Handle this in a nicer way when this logic is
   //     moved to a separate profile service.
   token_info_getter->Start(
       base::Bind(&DidGetTPMInfoForUserOnUIThread,
                  base::Passed(&scoped_token_info_getter),
                  username_hash));
 }
 
-void StartTPMSlotInitializationOnIOThread(const std::string& username,
+void StartTPMSlotInitializationOnIOThread(const AccountId& account_id,
                                           const std::string& username_hash) {
   DCHECK_CURRENTLY_ON(BrowserThread::IO);
 
   BrowserThread::PostTask(
-      BrowserThread::UI,
-      FROM_HERE,
-      base::Bind(&GetTPMInfoForUserOnUIThread, username, username_hash));
+      BrowserThread::UI, FROM_HERE,
+      base::Bind(&GetTPMInfoForUserOnUIThread, account_id, username_hash));
 }
 
-void StartNSSInitOnIOThread(const std::string& username,
+void StartNSSInitOnIOThread(const AccountId& account_id,
                             const std::string& username_hash,
                             const base::FilePath& path) {
   DCHECK_CURRENTLY_ON(BrowserThread::IO);
-  DVLOG(1) << "Starting NSS init for " << username
+  DVLOG(1) << "Starting NSS init for " << account_id.Serialize()
            << "  hash:" << username_hash;
 
   // Make sure NSS is initialized for the user.
   crypto::InitializeNSSForChromeOSUser(username_hash, path);
 
   // Check if it's OK to initialize TPM for the user before continuing. This
   // may not be the case if the TPM slot initialization was previously
   // requested for the same user.
   if (!crypto::ShouldInitializeTPMForChromeOSUser(username_hash))
     return;
 
   crypto::WillInitializeTPMForChromeOSUser(username_hash);
 
   if (crypto::IsTPMTokenEnabledForNSS()) {
-    if (crypto::IsTPMTokenReady(base::Bind(
-            &StartTPMSlotInitializationOnIOThread, username, username_hash))) {
-      StartTPMSlotInitializationOnIOThread(username, username_hash);
+    if (crypto::IsTPMTokenReady(
+            base::Bind(&StartTPMSlotInitializationOnIOThread, account_id,
+                       username_hash))) {
+      StartTPMSlotInitializationOnIOThread(account_id, username_hash);
     } else {
       DVLOG(1) << "Waiting for tpm ready ...";
     }
   } else {
     crypto::InitializePrivateSoftwareSlotForChromeOSUser(username_hash);
   }
 }
 #endif  // defined(OS_CHROMEOS)
 
 #if defined(USE_NSS_CERTS)
@@ skipping 76 matching lines @@
   if (user_manager) {
     const user_manager::User* user =
         chromeos::ProfileHelper::Get()->GetUserByProfile(profile);
     // No need to initialize NSS for users with empty username hash:
     // Getters for a user's NSS slots always return NULL slot if the user's
     // username hash is empty, even when the NSS is not initialized for the
     // user.
     if (user && !user->username_hash().empty()) {
       params->username_hash = user->username_hash();
       DCHECK(!params->username_hash.empty());
-      BrowserThread::PostTask(BrowserThread::IO,
-                              FROM_HERE,
-                              base::Bind(&StartNSSInitOnIOThread,
-                                         user->email(),
-                                         user->username_hash(),
-                                         profile->GetPath()));
+      BrowserThread::PostTask(
+          BrowserThread::IO, FROM_HERE,
+          base::Bind(&StartNSSInitOnIOThread, user->GetAccountId(),
+                     user->username_hash(), profile->GetPath()));
 
       // Use the device-wide system key slot only if the user is affiliated on
       // the device.
       params->use_system_key_slot = user->is_affiliated();
     }
   }
 
   chromeos::CertificateProviderService* cert_provider_service =
       chromeos::CertificateProviderServiceFactory::GetForBrowserContext(
           profile);
@@ skipping 857 matching lines @@
       make_scoped_ptr(new DevToolsNetworkTransactionFactory(
           network_controller_handle_.GetController(), shared_session)),
       std::move(backend), true /* set_up_quic_server_info */));
 }
 
 void ProfileIOData::SetCookieSettingsForTesting(
     content_settings::CookieSettings* cookie_settings) {
   DCHECK(!cookie_settings_.get());
   cookie_settings_ = cookie_settings;
 }