refactor: ECP Config schema update (#35)

* refactor: EPC Config schema update. Googlers see go/enterpise-cert-config

26 files changed, 131 insertions, 116 deletions

diff --git a/build/scripts/darwin_amd64.sh b/build/scripts/darwin_amd64.sh
index 4917f96..eeb1032 100755
--- a/build/scripts/darwin_amd64.sh
+++ b/build/scripts/darwin_amd64.sh
@@ -1,5 +1,7 @@
 #!/bin/bash
 
+set -eu
+
 # Create a folder to hold the binaries
 rm -rf ./build/bin/darwin_amd64
 mkdir -p ./build/bin/darwin_amd64
@@ -7,9 +9,9 @@ mkdir -p ./build/bin/darwin_amd64
 # Build the signer binary
 cd ./internal/signer/darwin
 go build
-mv signer ./../../../build/bin/darwin_amd64
+mv signer ./../../../build/bin/darwin_amd64/ecp
 cd ./../../..
 
 # Build the signer library
-go build -buildmode=c-shared -o build/bin/darwin_amd64/signer.dylib cshared/main.go
-rm build/bin/darwin_amd64/signer.h
+go build -buildmode=c-shared -o build/bin/darwin_amd64/libecp.dylib cshared/main.go
+rm build/bin/darwin_amd64/libecp.h
diff --git a/build/scripts/linux_amd64.sh b/build/scripts/linux_amd64.sh
index 448f65c..c6045e6 100755
--- a/build/scripts/linux_amd64.sh
+++ b/build/scripts/linux_amd64.sh
@@ -5,11 +5,11 @@ rm -rf ./build/bin/linux_amd64
 mkdir -p ./build/bin/linux_amd64
 
 # Build the signer library
-go build -buildmode=c-shared -o build/bin/linux_amd64/signer.so cshared/main.go
-rm build/bin/linux_amd64/signer.h
+go build -buildmode=c-shared -o build/bin/linux_amd64/libecp.so cshared/main.go
+rm build/bin/linux_amd64/libecp.h
 
 # Build the signer binary
 cd ./internal/signer/linux
 go build
-mv signer ./../../../build/bin/linux_amd64
+mv signer ./../../../build/bin/linux_amd64/ecp
 cd ./../../..
diff --git a/build/scripts/windows_amd64.ps1 b/build/scripts/windows_amd64.ps1
index 58f9923..6b7bc99 100644
--- a/build/scripts/windows_amd64.ps1
+++ b/build/scripts/windows_amd64.ps1
@@ -10,9 +10,9 @@ If (Test-Path $OutputFolder) {
 # Build the signer binary
 Set-Location .\internal\signer\windows
 go build
-Move-Item .\signer.exe ..\..\..\build\bin\windows_amd64\
+Move-Item .\signer.exe ..\..\..\build\bin\windows_amd64\ecp.exe
 Set-Location ..\..\..\
 
 # Build the signer library
-go build -buildmode=c-shared -o .\build\bin\windows_amd64\signer.dll .\cshared\main.go
-Remove-Item .\build\bin\windows_amd64\signer.h
+go build -buildmode=c-shared -o .\build\bin\windows_amd64\libecp.dll .\cshared\main.go
+Remove-Item .\build\bin\windows_amd64\libecp.h
diff --git a/client/client_test.go b/client/client_test.go
index cf83881..e7ba654 100644
--- a/client/client_test.go
+++ b/client/client_test.go
@@ -14,7 +14,7 @@ import (
 )
 
 func TestClient_Cred_Success(t *testing.T) {
-	_, err := Cred("testdata/enterprise_certificate_config.json")
+	_, err := Cred("testdata/certificate_config.json")
 	if err != nil {
 		t.Errorf("Cred: got %v, want nil err", err)
 	}
@@ -28,7 +28,7 @@ func TestClient_Cred_ConfigMissing(t *testing.T) {
 }
 
 func TestClient_Public(t *testing.T) {
-	key, err := Cred("testdata/enterprise_certificate_config.json")
+	key, err := Cred("testdata/certificate_config.json")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -38,7 +38,7 @@ func TestClient_Public(t *testing.T) {
 }
 
 func TestClient_CertificateChain(t *testing.T) {
-	key, err := Cred("testdata/enterprise_certificate_config.json")
+	key, err := Cred("testdata/certificate_config.json")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -48,7 +48,7 @@ func TestClient_CertificateChain(t *testing.T) {
 }
 
 func TestClient_Sign(t *testing.T) {
-	key, err := Cred("testdata/enterprise_certificate_config.json")
+	key, err := Cred("testdata/certificate_config.json")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -62,7 +62,7 @@ func TestClient_Sign(t *testing.T) {
 }
 
 func TestClient_Sign_HashSizeMismatch(t *testing.T) {
-	key, err := Cred("testdata/enterprise_certificate_config.json")
+	key, err := Cred("testdata/certificate_config.json")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -73,7 +73,7 @@ func TestClient_Sign_HashSizeMismatch(t *testing.T) {
 }
 
 func TestClient_Close(t *testing.T) {
-	key, err := Cred("testdata/enterprise_certificate_config.json")
+	key, err := Cred("testdata/certificate_config.json")
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/client/testdata/certificate_config.json b/client/testdata/certificate_config.json
new file mode 100644
index 0000000..89523d4
--- /dev/null
+++ b/client/testdata/certificate_config.json
@@ -0,0 +1,10 @@
+{
+  "cert_configs": {
+    "test": {
+      "issuer": "Test Issuer"
+    }
+  },
+  "libs": {
+    "ecp": "./testdata/signer.sh"
+  }
+}
diff --git a/client/testdata/enterprise_certificate_config.json b/client/testdata/enterprise_certificate_config.json
deleted file mode 100644
index be9f9a3..0000000
--- a/client/testdata/enterprise_certificate_config.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
-  "cert_info": {
-    "issuer": "Test Issuer"
-  },
-  "libs": {
-    "signer_binary": "./testdata/signer.sh"
-  }
-}
diff --git a/client/util/test_data/certificate_config.json b/client/util/test_data/certificate_config.json
new file mode 100644
index 0000000..ed9d485
--- /dev/null
+++ b/client/util/test_data/certificate_config.json
@@ -0,0 +1,6 @@
+{
+  "libs": {
+    "ecp": "C:/Program Files (x86)/Google/Endpoint Verification/signer.exe"
+  }
+}
+
diff --git a/client/util/test_data/enterprise_certificate_config.json b/client/util/test_data/enterprise_certificate_config.json
deleted file mode 100644
index 4058fff..0000000
--- a/client/util/test_data/enterprise_certificate_config.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-  "libs": {
-    "signer_binary": "C:/Program Files (x86)/Google/Endpoint Verification/signer.exe"
-  }
-}
-
diff --git a/client/util/util.go b/client/util/util.go
index 8ac45c7..ccef527 100644
--- a/client/util/util.go
+++ b/client/util/util.go
@@ -11,7 +11,7 @@ import (
 	"runtime"
 )
 
-const configFileName = "enterprise_certificate_config.json"
+const configFileName = "certificate_config.json"
 
 // EnterpriseCertificateConfig contains parameters for initializing signer.
 type EnterpriseCertificateConfig struct {
@@ -20,7 +20,7 @@ type EnterpriseCertificateConfig struct {
 
 // Libs specifies the locations of helper libraries.
 type Libs struct {
-	SignerBinary string `json:"signer_binary"`
+	ECP string `json:"ecp"`
 }
 
 // LoadSignerBinaryPath retrieves the path of the signer binary from the config file.
@@ -39,7 +39,7 @@ func LoadSignerBinaryPath(configFilePath string) (path string, err error) {
 	if err != nil {
 		return "", err
 	}
-	signerBinaryPath := config.Libs.SignerBinary
+	signerBinaryPath := config.Libs.ECP
 	if signerBinaryPath == "" {
 		return "", errors.New("signer binary path is missing")
 	}
diff --git a/client/util/util_test.go b/client/util/util_test.go
index 7ffa744..ad46592 100644
--- a/client/util/util_test.go
+++ b/client/util/util_test.go
@@ -5,7 +5,7 @@ import (
 )
 
 func TestLoadSignerBinaryPath(t *testing.T) {
-	path, err := LoadSignerBinaryPath("./test_data/enterprise_certificate_config.json")
+	path, err := LoadSignerBinaryPath("./test_data/certificate_config.json")
 	if err != nil {
 		t.Errorf("LoadSignerBinaryPath error: %q", err)
 	}
diff --git a/cshared/main.go b/cshared/main.go
index 1b8bcad..598a7e6 100644
--- a/cshared/main.go
+++ b/cshared/main.go
@@ -45,14 +45,14 @@ func getCertPem(configFilePath string) []byte {
 	return certChainPem
 }
 
-//export GetCertPemForPython
-//
 // GetCertPemForPython reads the contents of the certificate specified by configFilePath,
 // storing the result inside a certHolder byte array of size certHolderLen.
 //
 // We must call it twice to get the cert. First time use nil for certHolder to get
 // the cert length. Second time we pre-create an array in Python of the cert length and
 // call this function again to load the cert into the array.
+//
+//export GetCertPemForPython
 func GetCertPemForPython(configFilePath *C.char, certHolder *byte, certHolderLen int) int {
 	pemBytes := getCertPem(C.GoString(configFilePath))
 	if certHolder != nil {
@@ -62,10 +62,10 @@ func GetCertPemForPython(configFilePath *C.char, certHolder *byte, certHolderLen
 	return len(pemBytes)
 }
 
-//export SignForPython
-//
 // SignForPython signs a message digest of length digestLen using a certificate private key
 // specified by configFilePath, storing the result inside a sigHolder byte array of size sigHolderLen.
+//
+//export SignForPython
 func SignForPython(configFilePath *C.char, digest *byte, digestLen int, sigHolder *byte, sigHolderLen int) int {
 	// First create a handle around the specified certificate and private key.
 	key, err := client.Cred(C.GoString(configFilePath))
diff --git a/internal/signer/darwin/signer.go b/internal/signer/darwin/signer.go
index 60d6621..7ed31df 100644
--- a/internal/signer/darwin/signer.go
+++ b/internal/signer/darwin/signer.go
@@ -80,10 +80,10 @@ func main() {
 		log.Fatalln("Signer is not meant to be invoked manually, exiting...")
 	}
 	configFilePath := os.Args[1]
-	certInfo, err := util.LoadCertInfo(configFilePath)
+	config, err := util.LoadConfig(configFilePath)
 
 	enterpriseCertSigner := new(EnterpriseCertSigner)
-	enterpriseCertSigner.key, err = keychain.Cred(certInfo.Issuer)
+	enterpriseCertSigner.key, err = keychain.Cred(config.CertConfigs.MacOSKeychain.Issuer)
 	if err != nil {
 		log.Fatalf("Failed to initialize enterprise cert signer using keychain: %v", err)
 	}
diff --git a/internal/signer/darwin/util/test_data/certificate_config.json b/internal/signer/darwin/util/test_data/certificate_config.json
new file mode 100644
index 0000000..a4f0edf
--- /dev/null
+++ b/internal/signer/darwin/util/test_data/certificate_config.json
@@ -0,0 +1,8 @@
+{
+  "cert_configs": {
+    "macos_keychain": {
+      "issuer": "Google Endpoint Verification"
+    }
+  }
+}
+
diff --git a/internal/signer/darwin/util/test_data/enterprise_certificate_config.json b/internal/signer/darwin/util/test_data/enterprise_certificate_config.json
deleted file mode 100644
index 1e65f90..0000000
--- a/internal/signer/darwin/util/test_data/enterprise_certificate_config.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-  "cert_info": {
-    "issuer": "Google Endpoint Verification"
-  }
-}
-
diff --git a/internal/signer/darwin/util/util.go b/internal/signer/darwin/util/util.go
index 52826e0..19ec3cd 100644
--- a/internal/signer/darwin/util/util.go
+++ b/internal/signer/darwin/util/util.go
@@ -9,30 +9,34 @@ import (
 
 // EnterpriseCertificateConfig contains parameters for initializing signer.
 type EnterpriseCertificateConfig struct {
-	CertInfo CertInfo `json:"cert_info"`
+	CertConfigs CertConfigs `json:"cert_configs"`
 }
 
-// CertInfo contains parameters describing the certificate to use.
-type CertInfo struct {
+// Container for various ECP Configs.
+type CertConfigs struct {
+	MacOSKeychain MacOSKeychain `json:"macos_keychain"`
+}
+
+// MacOSKeychain contains parameters describing the certificate to use.
+type MacOSKeychain struct {
 	Issuer string `json:"issuer"`
 }
 
-// LoadCertInfo retrieves the certificate info from the config file.
-func LoadCertInfo(configFilePath string) (certInfo CertInfo, err error) {
+// LoadConfig retrieves the ECP config file.
+func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err error) {
 	jsonFile, err := os.Open(configFilePath)
 	if err != nil {
-		return CertInfo{}, err
+		return EnterpriseCertificateConfig{}, err
 	}
 
 	byteValue, err := ioutil.ReadAll(jsonFile)
 	if err != nil {
-		return CertInfo{}, err
+		return EnterpriseCertificateConfig{}, err
 	}
-	var config EnterpriseCertificateConfig
 	err = json.Unmarshal(byteValue, &config)
 	if err != nil {
-		return CertInfo{}, err
+		return EnterpriseCertificateConfig{}, err
 	}
-	return config.CertInfo, nil
+	return config, nil
 
 }
diff --git a/internal/signer/darwin/util/util_test.go b/internal/signer/darwin/util/util_test.go
index 912f45c..622a179 100644
--- a/internal/signer/darwin/util/util_test.go
+++ b/internal/signer/darwin/util/util_test.go
@@ -4,13 +4,13 @@ import (
 	"testing"
 )
 
-func TestLoadCertInfo(t *testing.T) {
-	certInfo, err := LoadCertInfo("./test_data/enterprise_certificate_config.json")
+func TestLoadConfig(t *testing.T) {
+	config, err := LoadConfig("./test_data/certificate_config.json")
 	if err != nil {
-		t.Errorf("LoadCertInfo error: %q", err)
+		t.Errorf("LoadConfig error: %q", err)
 	}
 	want := "Google Endpoint Verification"
-	if certInfo.Issuer != want {
-		t.Errorf("Expected issuer is %q, got: %q", want, certInfo.Issuer)
+	if config.CertConfigs.MacOSKeychain.Issuer != want {
+		t.Errorf("Expected issuer is %q, got: %q", want, config.CertConfigs.MacOSKeychain.Issuer)
 	}
 }
diff --git a/internal/signer/linux/signer.go b/internal/signer/linux/signer.go
index a6de378..e115da8 100644
--- a/internal/signer/linux/signer.go
+++ b/internal/signer/linux/signer.go
@@ -82,7 +82,7 @@ func main() {
 	configFilePath := os.Args[1]
 	config, err := util.LoadConfig(configFilePath)
 	enterpriseCertSigner := new(EnterpriseCertSigner)
-	enterpriseCertSigner.key, err = util.Cred(config.Libs.PKCS11Module, config.CertInfo.Slot, config.CertInfo.Label)
+	enterpriseCertSigner.key, err = util.Cred(config.CertConfigs.PKCS11.PKCS11Module, config.CertConfigs.PKCS11.Slot, config.CertConfigs.PKCS11.Label)
 	if err != nil {
 		log.Fatalf("Failed to initialize enterprise cert signer using pkcs11: %v", err)
 	}
diff --git a/internal/signer/linux/util/test_data/certificate_config.json b/internal/signer/linux/util/test_data/certificate_config.json
new file mode 100644
index 0000000..efafc20
--- /dev/null
+++ b/internal/signer/linux/util/test_data/certificate_config.json
@@ -0,0 +1,9 @@
+{
+  "cert_configs": {
+    "pkcs11": {
+      "slot": "0x1739427",
+      "label": "gecc",
+      "module": "pkcs11_module.so"
+    }
+  }
+}
diff --git a/internal/signer/linux/util/test_data/enterprise_certificate_config.json b/internal/signer/linux/util/test_data/enterprise_certificate_config.json
deleted file mode 100644
index af09f87..0000000
--- a/internal/signer/linux/util/test_data/enterprise_certificate_config.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-  "cert_info": {
-    "slot": "0x1739427",
-    "label": "gecc"
-  },  
-  "libs": {
-    "pkcs11_module": "pkcs11_module.so"
-  }
-}
diff --git a/internal/signer/linux/util/util.go b/internal/signer/linux/util/util.go
index 8387151..5288ee7 100644
--- a/internal/signer/linux/util/util.go
+++ b/internal/signer/linux/util/util.go
@@ -21,19 +21,19 @@ func ParseHexString(str string) (i uint32, err error) {
 
 // EnterpriseCertificateConfig contains parameters for initializing signer.
 type EnterpriseCertificateConfig struct {
-	CertInfo CertInfo `json:"cert_info"`
-	Libs     Libs     `json:"libs"`
+	CertConfigs CertConfigs `json:"cert_configs"`
 }
 
-// CertInfo contains parameters describing the certificate to use.
-type CertInfo struct {
-	Slot  string `json:"slot"`  // The hexadecimal representation of the uint36 slot ID. (ex:0x1739427)
-	Label string `json:"label"` // The token label (ex: gecc)
+// Container for various ECP Configs.
+type CertConfigs struct {
+	PKCS11 PKCS11 `json:"pkcs11"`
 }
 
-// Libs contains the path to helper libs
-type Libs struct {
-	PKCS11Module string `json:"pkcs11_module"` // The path to the pkcs11 module (shared lib)
+// PKCS11 contains parameters describing the certificate to use.
+type PKCS11 struct {
+	Slot         string `json:"slot"`   // The hexadecimal representation of the uint36 slot ID. (ex:0x1739427)
+	Label        string `json:"label"`  // The token label (ex: gecc)
+	PKCS11Module string `json:"module"` // The path to the pkcs11 module (shared lib)
 }
 
 // LoadConfig retrieves the ECP config file.
diff --git a/internal/signer/linux/util/util_test.go b/internal/signer/linux/util/util_test.go
index cc30a34..5907fbd 100644
--- a/internal/signer/linux/util/util_test.go
+++ b/internal/signer/linux/util/util_test.go
@@ -5,26 +5,26 @@ import (
 )
 
 func TestLoadConfig(t *testing.T) {
-	config, err := LoadConfig("./test_data/enterprise_certificate_config.json")
+	config, err := LoadConfig("./test_data/certificate_config.json")
 	if err != nil {
 		t.Fatalf("LoadConfig error: %v", err)
 	}
 	want := "0x1739427"
-	if config.CertInfo.Slot != want {
-		t.Errorf("Expected slot is %v, got: %v", want, config.CertInfo.Slot)
+	if config.CertConfigs.PKCS11.Slot != want {
+		t.Errorf("Expected slot is %v, got: %v", want, config.CertConfigs.PKCS11.Slot)
 	}
 	want = "gecc"
-	if config.CertInfo.Label != want {
-		t.Errorf("Expected label is %v, got: %v", want, config.CertInfo.Label)
+	if config.CertConfigs.PKCS11.Label != want {
+		t.Errorf("Expected label is %v, got: %v", want, config.CertConfigs.PKCS11.Label)
 	}
 	want = "pkcs11_module.so"
-	if config.Libs.PKCS11Module != want {
-		t.Errorf("Expected pkcs11_module is %v, got: %v", want, config.Libs.PKCS11Module)
+	if config.CertConfigs.PKCS11.PKCS11Module != want {
+		t.Errorf("Expected pkcs11_module is %v, got: %v", want, config.CertConfigs.PKCS11.PKCS11Module)
 	}
 }
 
 func TestLoadConfigMissing(t *testing.T) {
-	_, err := LoadConfig("./test_data/enterprise_certificate_config_missing.json")
+	_, err := LoadConfig("./test_data/certificate_config_missing.json")
 	if err == nil {
 		t.Error("Expected error but got nil")
 	}
diff --git a/internal/signer/windows/signer.go b/internal/signer/windows/signer.go
index 403d3fa..ffa1977 100644
--- a/internal/signer/windows/signer.go
+++ b/internal/signer/windows/signer.go
@@ -80,10 +80,10 @@ func main() {
 		log.Fatalln("Signer is not meant to be invoked manually, exiting...")
 	}
 	configFilePath := os.Args[1]
-	certInfo, err := util.LoadCertInfo(configFilePath)
+	config, err := util.LoadConfig(configFilePath)
 
 	enterpriseCertSigner := new(EnterpriseCertSigner)
-	enterpriseCertSigner.key, err = ncrypt.Cred(certInfo.Issuer, certInfo.Store, certInfo.Provider)
+	enterpriseCertSigner.key, err = ncrypt.Cred(config.CertConfigs.WindowsStore.Issuer, config.CertConfigs.WindowsStore.Store, config.CertConfigs.WindowsStore.Provider)
 	if err != nil {
 		log.Fatalf("Failed to initialize enterprise cert signer using ncrypt: %v", err)
 	}
diff --git a/internal/signer/windows/util/test_data/certificate_config.json b/internal/signer/windows/util/test_data/certificate_config.json
new file mode 100644
index 0000000..567f719
--- /dev/null
+++ b/internal/signer/windows/util/test_data/certificate_config.json
@@ -0,0 +1,9 @@
+{
+  "cert_configs": {
+    "windows_store": {
+      "issuer": "enterprise_v1_corp_client",
+      "store": "MY",
+      "provider": "current_user"
+    }
+  }
+}
diff --git a/internal/signer/windows/util/test_data/enterprise_certificate_config.json b/internal/signer/windows/util/test_data/enterprise_certificate_config.json
deleted file mode 100644
index 48baa84..0000000
--- a/internal/signer/windows/util/test_data/enterprise_certificate_config.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
-  "cert_info": {
-    "issuer": "enterprise_v1_corp_client",
-    "store": "MY",
-    "provider": "current_user"
-  }
-}
-
diff --git a/internal/signer/windows/util/util.go b/internal/signer/windows/util/util.go
index 99e6c98..de4429e 100644
--- a/internal/signer/windows/util/util.go
+++ b/internal/signer/windows/util/util.go
@@ -9,32 +9,36 @@ import (
 
 // EnterpriseCertificateConfig contains parameters for initializing signer.
 type EnterpriseCertificateConfig struct {
-	CertInfo CertInfo `json:"cert_info"`
+	CertConfigs CertConfigs `json:"cert_configs"`
 }
 
-// CertInfo contains parameters describing the certificate to use.
-type CertInfo struct {
+// Container for various ECP Configs.
+type CertConfigs struct {
+	WindowsStore WindowsStore `json:"windows_store"`
+}
+
+// WindowsStore contains parameters describing the certificate to use.
+type WindowsStore struct {
 	Issuer   string `json:"issuer"`
 	Store    string `json:"store"`
 	Provider string `json:"provider"`
 }
 
-// LoadCertInfo retrieves the certificate info from the config file.
-func LoadCertInfo(configFilePath string) (certInfo CertInfo, err error) {
+// LoadConfig retrieves the ECP config file.
+func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err error) {
 	jsonFile, err := os.Open(configFilePath)
 	if err != nil {
-		return CertInfo{}, err
+		return EnterpriseCertificateConfig{}, err
 	}
 
 	byteValue, err := ioutil.ReadAll(jsonFile)
 	if err != nil {
-		return CertInfo{}, err
+		return EnterpriseCertificateConfig{}, err
 	}
-	var config EnterpriseCertificateConfig
 	err = json.Unmarshal(byteValue, &config)
 	if err != nil {
-		return CertInfo{}, err
+		return EnterpriseCertificateConfig{}, err
 	}
-	return config.CertInfo, nil
+	return config, nil
 
 }
diff --git a/internal/signer/windows/util/util_test.go b/internal/signer/windows/util/util_test.go
index bb40a92..97b0e42 100644
--- a/internal/signer/windows/util/util_test.go
+++ b/internal/signer/windows/util/util_test.go
@@ -4,21 +4,21 @@ import (
 	"testing"
 )
 
-func TestLoadCertInfo(t *testing.T) {
-	certInfo, err := LoadCertInfo("./test_data/enterprise_certificate_config.json")
+func TestLoadConfig(t *testing.T) {
+	config, err := LoadConfig("./test_data/certificate_config.json")
 	if err != nil {
-		t.Errorf("LoadCertInfo error: %q", err)
+		t.Errorf("LoadConfig error: %q", err)
 	}
 	want := "enterprise_v1_corp_client"
-	if certInfo.Issuer != want {
-		t.Errorf("Expected issuer is %q, got: %q", want, certInfo.Issuer)
+	if config.CertConfigs.WindowsStore.Issuer != want {
+		t.Errorf("Expected issuer is %q, got: %q", want, config.CertConfigs.WindowsStore.Issuer)
 	}
 	want = "MY"
-	if certInfo.Store != want {
-		t.Errorf("Expected store is %q, got: %q", want, certInfo.Store)
+	if config.CertConfigs.WindowsStore.Store != want {
+		t.Errorf("Expected store is %q, got: %q", want, config.CertConfigs.WindowsStore.Store)
 	}
 	want = "current_user"
-	if certInfo.Provider != want {
-		t.Errorf("Expected provider is %q, got: %q", want, certInfo.Provider)
+	if config.CertConfigs.WindowsStore.Provider != want {
+		t.Errorf("Expected provider is %q, got: %q", want, config.CertConfigs.WindowsStore.Provider)
 	}
 }