MachineKeySection.ByteArrayToHexString vs {0:x2}

[Chris-]

I've been looking at the internal implementation of
FormsAuthentication's HashPasswordForStoringInConfigFile. I can see
that instead of using the format string {0:x2} (i.e. a hexadecimal
representation of the password, 2 bytes each), there is an internal
method called

internal static unsafe string ByteArrayToHexString(byte[] buf, int
iLen)

This seems to do the job of the format string I mentioned above, same
results are always returned, but probably slightly slower as the
calculations are done one level up. Is there any reason for this? Did
the guy/gal working for Microsoft doing the Forms Authentication
encryption in ASP.NET simply not realise the format string was in the
framework?!

Thanks

 

[bruce barker]

they probably wrote a convert routine for performance (I would). the format
method, has to parse the format specifier, load a formater, call the
formater(s), merge the results with possible literals in the specifier, and
return results.

-- bruce (sqlwork.com)

 

[John Rivers]

also everytime you use code written by other people
you take the risk of suffering a breaking change later on

it may only take you 10 minutes to write a replacement function

but a production system could go down for 2 hours due to a breaking
change

this means using convenience functions can sometimes be a false
economy

IMO the trick is to only use the parts of the .NET Framework that give
good value
(in other words you can not write them yourself easily)

another thought is that Forms Authentication code was written before
Formatting code was finished?