Add Conceptual Message Wrapper (CMW) evidence support

Type of Change

(Select all that apply)

• New feature (non-breaking change)
• Bug fix (non-breaking change)
• Breaking change (fix/feature causing existing behavior to change)
• Documentation update (standalone)
• Code refactor (no functional changes)
• Test cases (added/modified)
• CI/CD changes
• Other (please specify: ______)

Change Description

Concise Summary

Support CMW-based evidence collection instead of custom quote parsing

This PR adds initial support for receiving attestation evidence encoded using the Conceptual Message Wrapper (CMW), as prescribed by the IETF draft. It introduces decoding logic and replaces custom measurement list parsing when CMW is negotiated.

Technical Details

• Added decode_cmw.py to handle CMW decoding and extract:

  • TPM quote
  • Signature
  • PCR values
  • Event log (IMA + Measured Boot)

• Updated integrity quote handler to recognize CMW-formatted responses

• Preserves compatibility with existing attestation flows:

  • If CMW is not negotiated, falls back to legacy parsing
  • If CMW is present, extracts measurement lists into standard Keylime structures

• Motivation:

  • Align with standardized evidence formats
  • Improve interoperability
  • Simplify future maintenance of quote decoding logic

• No breaking changes expected; clients not using CMW remain unaffected

Documentation Updates Required

(Check all that apply)

• Updated markdown docs (file path: docs/cmw.md)
• Updated code comments/docstrings
• Needs user guide updates (docs/)
• Needs ReadTheDocs updates
• No docs needed (requires maintainer approval)

Verification Process

1. Environment:

   • Keylime server (this branch)
   • rust-keylime agent (feature branch with CMW support)

2. Procedure:

   • Start agent with CMW feature enabled
   • Configure server to request integrity quotes with CMW evidence
   • Validate that:
     • CMW is correctly received and parsed
     • IMA and MB measurement lists are populated
     • No regressions for legacy flows

3. Expected vs actual results:

   • Quotes with CMW parse successfully
   • Quotes without CMW parse via legacy logic
   • Logs show expected measurement list entries

Checklist

• Code follows project style guidelines
• Unit/integration tests added or updated
• Documentation updated
• Commit messages follow Chris Beams’ guidelines
• CHANGELOG updated (if applicable)
• All tests pass (local & CI)

Additional Context

• This PR should be merged in coordination with the agent-side CMW support branch
• e2e test workflows will temporarily point to the agent feature branch until both PRs are merged