OSCrypt for POSIX uses libsecret to store a randomised encryption key.

components/os_crypt/os_crypt_mocker_linux.cc

Index: components/os_crypt/os_crypt_mocker_linux.cc
diff --git a/components/os_crypt/os_crypt_mocker_linux.cc b/components/os_crypt/os_crypt_mocker_linux.cc
new file mode 100644
index 0000000000000000000000000000000000000000..a222c88d98a09e1046a3a50c7af41d02ac5aa174
--- /dev/null
+++ b/components/os_crypt/os_crypt_mocker_linux.cc
@@ -0,0 +1,58 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/os_crypt/os_crypt_mocker_linux.h"
+
+#include "base/base64.h"
+#include "base/lazy_instance.h"
+#include "base/rand_util.h"
+#include "components/os_crypt/os_crypt.h"
+
+namespace {
+
+static base::LazyInstance<OSCryptMockerLinux>::Leaky g_mocker =
+    LAZY_INSTANCE_INITIALIZER;
+
+KeyStorageLinux* GetKeyStorage() {
+  return OSCryptMockerLinux::GetInstance();
+}
+
+std::string* GetPassword() {
+  return OSCryptMockerLinux::GetInstance()->GetKeyPtr();
+}
+
+}  // namespace
+
+std::string OSCryptMockerLinux::GetKey() {
+  if (key_.empty())
+    base::Base64Encode(base::RandBytesAsString(16), &key_);
+  return key_;
+}
+
+bool OSCryptMockerLinux::Init() {
+  return true;
+}
+
+void OSCryptMockerLinux::ResetTo(base::StringPiece new_key) {
+  key_ = new_key.as_string();
+}
+
+std::string* OSCryptMockerLinux::GetKeyPtr() {
+  return &key_;
+}
+
+// static
+OSCryptMockerLinux* OSCryptMockerLinux::GetInstance() {
+  return g_mocker.Pointer();
+}
+
+// static
+void OSCryptMockerLinux::SetUpWithSingleton() {
+  UseMockKeyStorageForTesting(&GetKeyStorage, &GetPassword);
+}
+
+// static
+void OSCryptMockerLinux::TearDown() {
+  UseMockKeyStorageForTesting(nullptr, nullptr);
+}