Why not simplify the PEN test a little.
So self-encryption is a crate in it’s own right with plenty of docs/papers etc. and gets argued a lot. So test that with all you have first, then move onto crust (there is a weakness there already I can tell you, secure_serialisation not enabled and also not protected against replay there right now (it needs an incrementing nonce in secure serialisation))
Then you can eat the elephant a bite at a time. I think otherwise you may be burdened by the number of things we have in place. It will allow you to creep through and find interesting things.