When power to a computer is turned on or a reset is performed, basic input/output services (“BIOS”) code executes. Soon after it begins executing, and depending on the CMOS settings of the computer, the BIOS code may prompt the user for a password before allowing the user to change the settings of the computer or to boot an operating system. In addition, application-level software running after an operating system is loaded may require verification of a user's BIOS-level password prior to taking certain actions such as requesting a reflash of BIOS memory. These features are commonly known as “BIOS password security.”
FIG. 1 illustrates prior art methods for implementing BIOS password security. Each time a key on keyboard 100 transitions from an up position to a down position or vice versa, a corresponding native code 102 is transmitted to a microcontroller 104 inside host computer 106. (Host computer 106 would normally also include traditional components such as one or more microprocessors, system memory, a hard disk, and one or more additional i/o devices such as a display device.) In response, microcontroller 104 translates the native code received from the keyboard into an up or down scan code 108 and generates a keyboard interrupt, which invokes a BIOS INT9 handler 110 (or, if an operating system with its own keyboard driver has been loaded, a corresponding handler in the keyboard driver).
An up or down scan code is an eight-bit value that identifies a particular key on the keyboard and whether the key has just transitioned to an up position or to a down position. For example, when the “A” key on a keyboard is pressed and released with no modifier keys such as caps lock or shift active, a sequence of two scan codes is presented to the handler: 1Eh (“A” key down), and 9Eh (“A” key up).
The handler responds to the scan code by updating certain data structures in the BIOS data area of memory. Basically, for a scan code corresponding to a character-producing key (numerous keys on a standard keyboard are not character-producing keys), the handler writes the down code for the key to input queue 112 along with a corresponding ASCII code. No up scan codes are stored in queue 112. To generate the correct ASCII value for the key, the handler consults modifier state information 114. For example, if an “A” scan code is received when the state of caps lock is on but no other modifiers are active, then the correct ASCII code to store in queue 112 would be 41h (uppercase A). But if caps lock is off and no other modifiers are active, then the correct ASCII code would be 61h (lowercase a). For a character-producing key that does not correspond to an ASCII value, the handler stores a zero for the ASCII code component of the queue entry.
For a scan code corresponding to a non-character producing key such as ctrl, alt, right or left shift, caps lock, scroll lock, num lock, etc., the handler simply makes an appropriate update to modifier state information 114. Some elements of the modifier state are associated with toggle functions such as insert mode, caps lock, num lock and scroll lock. This state is interpreted as “on” versus “off.” Other elements of this state are associated with particular keys; this state is interpreted as “up” versus “down” as shown.
Two methods have been employed by prior art BIOS password security routines 116 when setting a new password: In the first method, the BIOS retrieves the down scan codes corresponding to a password from input queue 112. The BIOS then optionally encrypts the down scan codes using an encryption algorithm 118. It then stores the down scan codes 120 or the encrypted down scan codes 122 in a stored password area of memory 124. In the second method, the BIOS retrieves all or a portion of the ASCII codes corresponding to the password from input queue 112. It then optionally encrypts the ASCII codes and stores either the ASCII codes 124 or the encrypted ASCII codes 126 in stored password area 124. The first method is case insensitive, while the second method is case sensitive.
When verifying a password, either the BIOS or an application program 128 may extract user input from input queue 112 (usually via an INT16h handler) and may present them to routines 116. In response, routines 116 may execute the same algorithms just described using down scan codes or ASCII, except that in this context the routines would compare values with, rather than store values into, memory area 124.