| CPC G06F 21/572 (2013.01) [G06F 21/31 (2013.01)] | 18 Claims |
|
1. An information handling system comprising:
at least one processor;
memory circuitry comprising a Basic Input/Output System (BIOS), wherein the memory circuitry further comprises a database including a first set of one or more cryptographic keys usable to authenticate first code that is executable by the BIOS by verifying one or more first cryptographic signatures associated with the first code; and
a physical storage medium other than the memory circuitry, wherein the physical storage medium includes a custom database including a second set of one or more cryptographic keys usable to authenticate second code that is executable by the BIOS by verifying one or more second cryptographic signatures associated with the second code;
wherein the information handling system is configured to load a BIOS extension into the BIOS by:
determining that the first set of one or more cryptographic keys stored in the memory circuitry does not include any key usable to authenticate the BIOS extension;
determining that the second set of one or more cryptographic keys stored in the physical storage medium includes a particular key usable to authenticate the BIOS extension;
authenticating the BIOS extension via the particular key; and
in response to the authenticating, loading and executing the BIOS extension.
|