Add support for Turin attestations

[cjen1-msft]

Enables and tests our support for Turin attestations.

The only non-trivial thing is that the kdsintf.amd.com servers require the shortened chip_id rather than the full one (404 if you pass in the long version).
I am uncertain what the situation will be for THIM and Azure's caches, and I haven't yet had a chance to try it, will update the PR when I can.

Additionally this has not been tested end-to-end yet.

UPDATE: now somewhat tested using verify_attestation.cpp

[Copilot]

Pull request overview

This PR adds support for AMD Turin CPU attestations in the SEV-SNP attestation validation system. The key change is that Turin uses a shortened 8-byte chip ID for VCEK certificate fetching, unlike Milan and Genoa which use the full 64-byte chip ID.

• Turin product identification added with correct CPUID model (0x02) and family (0x1A)
• New get_chip_id_for_vcek() method returns product-specific chip ID length
• Turin TCB structure includes new fmcSPL parameter with different byte layout

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
src/pal/test/snp_attestation_validation_data.h	Adds Turin test attestation data and endorsement certificates
src/pal/test/snp_attestation_validation.cpp	Adds Turin validation test case and URL generation test with shortened chip_id
src/pal/attestation.cpp	Updates chip_id comparison to use new product-aware method
scripts/fetch_amd_collateral.py	Implements Turin-specific URL generation with 8-byte chip_id and distinct TCB parameter positions
include/ccf/pal/sev_snp_cpuid.h	Corrects Turin model ID from 0x01 to 0x02 to match specification
include/ccf/pal/attestation_sev_snp.h	Adds get_chip_id_for_vcek() method and enables Turin root signing key