Add support for Remote Platform Erase in Console

[graikhel-intel]

Background/Context

Intel® Remote Platform Erase (RPE) allows an IT administrator to remotely erase all platform data, including (optionally) Intel® AMT configuration, enabling secure reuse of a device without requiring manual SSD erasure.

As part of this story, we need the ability to:

• Discover whether RPE is supported and enabled on a platform
• Enable or disable RPE
• Trigger an RPE operation by setting the appropriate boot option and performing a reset (similar to the existing OCR flow)

The detailed behavior and flows are documented in the Intel AMT SDK reference https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?turl=WordDocuments%2FSecure_Remote_Platform_Erase.htm

At a high level, the following AMT calls are involved:

1. Discovery

Discover RPE support in BIOS

• Read AMT_BootCapabilities.PlatformErase to determine whether the BIOS supports Remote Platform Erase and what erase capabilities are available.
• This is a read-only property.

Whether RPE is Enabled in BIOS

• Read AMT_BootSettingData.RPEEnabled to determine whether RPE is enabled in BIOS
• This is a read-only property and can only be changed via the BIOS menu

Whether RPE is Enabled or Disabled by AMT

• Enable or disable RPE in Intel AMT using CIM_BootService.RequestStateChange
• This operation requires administrative privileges and will fail if the feature is not supported or disabled in BIOS

Understand what features are supported by AMT as part of RPE

• AMT_BootCapabilities.PlatformErase must be parsed to understand which RPE features and erase options are supported on the platform
• Supported capabilities vary by AMT/CSME version. Full details are documented in the SDK https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?turl=HTMLDocuments%2FWS-Management_Class_Reference%2FAMT_BootCapabilities.htm%23PlatformErase

2. Enable/Disable RPE

• RPE is enabled or disabled in Intel AMT using CIM_BootService.RequestStateChange.
• If BIOS does not support RPE or RPE is disabled in BIOS, this call will fail.

3. Trigger RPE

• Set the RPE boot option using AMT_BootSettingData.PlatformErase.
• Configure erase parameters using AMT_BootSettingData.UefiBootParametersArray.
• Activate the configuration using CIM_BootService.SetBootConfigRole.
• Perform a reset / power action to start the RPE flow.

Acceptance Criteria

• UI changes
• Add WSMAN messages to go-wsman-messages if any class is missing
• API to know if RPE is supported
• API to enable or disable RPE
• Power action to trigger RPE
• Validation on AMT 16 and above platforms
• Standard Definition of Done (DoD)