@Robie, I agree that just checking the detected and offered functionality is probably a bit shallow.
Even if it worked before (but no longer, if the latest EP11 host library is used, that's how I understand it), it makes sense the run a more thorough test involving Dilithium.
I think it could either be a manual test using a token with Dilithium, or maybe running the dedicated 'dilithium_tests' from testcases/crypto available upstream with an upstream package.
(Btw. these testcases cannot be easily automated or even scripted in our case, since the external ep11 package is needed here, and a lot of upfront token/slot preparations, default PINs setup, hw etc. - but it's possible with some manual effort - did it in the past for a different testcase ...)
I leave this here in case of any further discussions (also with IBM).
And sorry for the delay in the verification (due to pub. holidays and the complex nature of this).
@Robie, I agree that just checking the detected and offered functionality is probably a bit shallow.
Even if it worked before (but no longer, if the latest EP11 host library is used, that's how I understand it), it makes sense the run a more thorough test involving Dilithium.
I think it could either be a manual test using a token with Dilithium, or maybe running the dedicated 'dilithium_tests' from testcases/crypto available upstream with an upstream package.
(Btw. these testcases cannot be easily automated or even scripted in our case, since the external ep11 package is needed here, and a lot of upfront token/slot preparations, default PINs setup, hw etc. - but it's possible with some manual effort - did it in the past for a different testcase ...)
I leave this here in case of any further discussions (also with IBM).
And sorry for the delay in the verification (due to pub. holidays and the complex nature of this).