Logo ItTechGenie

ISerializable Interface in C#

What is the ISerializable Interface in C#?

The **ISerializable** interface in C# allows developers to **customize the serialization process** by defining how an object is serialized and deserialized. It is commonly used when working with **private fields, custom logic, or backward compatibility**.

Key Features of ISerializable Interface

  • Provides **full control** over serialization and deserialization.
  • Used for **handling private fields, encryption, and versioning**.
  • Works with **BinaryFormatter and other serialization methods**.
  • Requires implementing the **GetObjectData()** method.

Implementing ISerializable for Custom Serialization

To implement **ISerializable**, a class must define the **GetObjectData()** method and a **special constructor** to handle deserialization.

Example: Custom Serialization Using ISerializable

using System;
using System.IO;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;

[Serializable]
class User : ISerializable
{
    public string Username { get; set; }
    private string Password { get; set; }

    public User() { }

    public User(string username, string password)
    {
        Username = username;
        Password = password;
    }

    // Custom Serialization
    protected User(SerializationInfo info, StreamingContext context)
    {
        Username = info.GetString("Username");
        Password = Decrypt(info.GetString("Password"));
    }

    public void GetObjectData(SerializationInfo info, StreamingContext context)
    {
        info.AddValue("Username", Username);
        info.AddValue("Password", Encrypt(Password));
    }

    private string Encrypt(string data) => $"encrypted({data})";
    private string Decrypt(string data) => data.Replace("encrypted(", "").Replace(")", "");

    public string GetPassword() => Password;
}

// Writing Custom Serialized Object
class Program
{
    static void Main()
    {
        User user = new User("Alice", "SuperSecret123");
        BinaryFormatter formatter = new BinaryFormatter();

        using (FileStream stream = new FileStream("user.dat", FileMode.Create))
        {
            formatter.Serialize(stream, user);
        }

        Console.WriteLine("User object serialized with encryption.");
    }
}

// Output:
// User object serialized with encryption.

The **ISerializable** interface allows encrypting passwords during serialization.

Deserializing ISerializable Objects

The **ISerializable** interface requires a **custom constructor** to reconstruct objects during deserialization.

Example: Deserializing a Custom ISerializable Object

using System;
using System.IO;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;

class DeserializeExample
{
    static void Main()
    {
        BinaryFormatter formatter = new BinaryFormatter();
        using (FileStream stream = new FileStream("user.dat", FileMode.Open))
        {
            User user = (User)formatter.Deserialize(stream);
            Console.WriteLine($"Username: {user.Username}, Password: {user.GetPassword()}");
        }
    }
}

// Output:
// Username: Alice, Password: SuperSecret123

The **custom constructor** ensures that sensitive data like passwords are properly handled during deserialization.

Handling Versioning with ISerializable

When adding **new fields** to a class, the **ISerializable** interface can help maintain backward compatibility.

Example: Handling Versioning in ISerializable

using System;
using System.IO;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;

[Serializable]
class Employee : ISerializable
{
    public string Name { get; set; }
    private int Salary { get; set; }

    public Employee() { }

    public Employee(string name, int salary)
    {
        Name = name;
        Salary = salary;
    }

    protected Employee(SerializationInfo info, StreamingContext context)
    {
        Name = info.GetString("Name");
        Salary = info.GetInt32("Salary", defaultValue: 50000); // Default value for older versions
    }

    public void GetObjectData(SerializationInfo info, StreamingContext context)
    {
        info.AddValue("Name", Name);
        info.AddValue("Salary", Salary);
    }
}

// Writing Versioned Serialized Object
class Program
{
    static void Main()
    {
        Employee emp = new Employee("Charlie", 70000);
        BinaryFormatter formatter = new BinaryFormatter();

        using (FileStream stream = new FileStream("employee.dat", FileMode.Create))
        {
            formatter.Serialize(stream, emp);
        }

        Console.WriteLine("Employee object serialized with version handling.");
    }
}

// Output:
// Employee object serialized with version handling.

**Default values** can be provided for older versions of serialized objects to ensure compatibility.

Best Practices for Using ISerializable

  • Use **ISerializable** when handling **private fields and encryption**.
  • Implement a **custom deserialization constructor** to properly reconstruct objects.
  • For **JSON serialization**, use **JsonConverter** instead of ISerializable.
  • Ensure **version compatibility** by providing default values for new fields.
Previous: Custom Serialization