ChromeOS cryptohome should be able to use gaia id as user identifier.

chrome/browser/chromeos/attestation/platform_verification_flow.h

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_ATTESTATION_PLATFORM_VERIFICATION_FLOW_H_
 #define CHROME_BROWSER_CHROMEOS_ATTESTATION_PLATFORM_VERIFICATION_FLOW_H_
 
 #include <set>
 #include <string>
 
 #include "base/callback.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/time/time.h"
 #include "base/timer/timer.h"
 #include "url/gurl.h"
 
+class AccountId;
+
 namespace content {
 class WebContents;
 }
 
 namespace cryptohome {
 class AsyncMethodCaller;
 }
 
 namespace user_manager {
 class User;
@@ skipping 140 matching lines @@
 
   ~PlatformVerificationFlow();
 
   // Callback for attestation preparation. The arguments to ChallengePlatformKey
   // are in |context|, and |attestation_prepared| specifies whether attestation
   // has been prepared on this device.
   void OnAttestationPrepared(const ChallengeContext& context,
                              bool attestation_prepared);
 
   // Initiates the flow to get a platform key certificate.  The arguments to
-  // ChallengePlatformKey are in |context|.  |user_id| identifies the user for
-  // which to get a certificate.  If |force_new_key| is true then any existing
-  // key for the same user and service will be ignored and a new key will be
-  // generated and certified.
+  // ChallengePlatformKey are in |context|.  |account_id| identifies the user
+  // for which to get a certificate.  If |force_new_key| is true then any
+  // existing key for the same user and service will be ignored and a new key
+  // will be generated and certified.
   void GetCertificate(const ChallengeContext& context,
-                      const std::string& user_id,
+                      const AccountId& account_id,
                       bool force_new_key);
 
   // A callback called when an attestation certificate request operation
   // completes.  The arguments to ChallengePlatformKey are in |context|.
-  // |user_id| identifies the user for which the certificate was requested.
+  // |account_id| identifies the user for which the certificate was requested.
   // |operation_success| is true iff the certificate request operation
   // succeeded.  |certificate_chain| holds the certificate for the platform key
   // on success.  If the certificate request was successful, this method invokes
   // a request to sign the challenge.  If the operation timed out prior to this
   // method being called, this method does nothing - notably, the callback is
   // not invoked.
   void OnCertificateReady(const ChallengeContext& context,
-                          const std::string& user_id,
+                          const AccountId& account_id,
                           scoped_ptr<base::Timer> timer,
                           bool operation_success,
                           const std::string& certificate_chain);
 
   // A callback run after a constant delay to handle timeouts for lengthy
   // certificate requests.  |context.callback| will be invoked with a TIMEOUT
   // result.
   void OnCertificateTimeout(const ChallengeContext& context);
 
   // A callback called when a challenge signing request has completed.  The
   // |certificate_chain| is the platform certificate chain for the key which
   // signed the |challenge|.  The arguments to ChallengePlatformKey are in
-  // |context|. |user_id| identifies the user for which the certificate was
+  // |context|. |account_id| identifies the user for which the certificate was
   // requested. |is_expiring_soon| will be set iff a certificate in the
   // |certificate_chain| is expiring soon. |operation_success| is true iff the
   // challenge signing operation was successful.  If it was successful,
   // |response_data| holds the challenge response and the method will invoke
   // |context.callback|.
   void OnChallengeReady(const ChallengeContext& context,
-                        const std::string& user_id,
+                        const AccountId& account_id,
                         const std::string& certificate_chain,
                         bool is_expiring_soon,
                         bool operation_success,
                         const std::string& response_data);
 
   // Checks whether attestation for content protection is allowed by policy.
   bool IsAttestationAllowedByPolicy();
 
   // Checks if |certificate_chain| is a PEM certificate chain that contains a
   // certificate this is expired or expiring soon. Returns the expiry status.
@@ skipping 14 matching lines @@
   base::TimeDelta timeout_delay_;
   std::set<std::string> renewals_in_progress_;
 
   DISALLOW_COPY_AND_ASSIGN(PlatformVerificationFlow);
 };
 
 }  // namespace attestation
 }  // namespace chromeos
 
 #endif  // CHROME_BROWSER_CHROMEOS_ATTESTATION_PLATFORM_VERIFICATION_FLOW_H_