Uploading image to Azure without HTTPS

Maybe this has been asked before, but I cant seem to find any good knowledge on it…

I want to upload an image to an Azure folder or database, and I cant seem to find the best architecture for that.

I have a running Python/Django web-server receiving images, but I want to move it to Azure.

Any hints?

The blob and table stores can accept http REST traffic for uploads, but you need firmware with SHA2 and MD5 available in order to compute the required signatures for the headers.

Authentication : https://msdn.microsoft.com/en-us/library/azure/dd179428.aspx
Blob REST api : Blob Storage REST API - Azure Storage | Microsoft Learn

I am working to build new Molecule.Net firmware with the needed crypto functions (because I need it too for Azure and for faster onboarding crypto). I believe some GHI firmware has the crypto and some doesn’t, but I haven’t tried it on my Spider or Cerbuino.

@ mcalsyn - thanks, this confirms my guesswork… looking forward to see the molecule progress on this… :slight_smile:

Can anyone else enlighten me on this based on the GHI portfolio of boards?

I do have C# source code for SHA2 and I see there is similar source code out there for MD5. It won’t be speedy, but it should work.

SHA2 : SHA2-Csharp/Sha256.cs at master · yuriks/SHA2-Csharp · GitHub (I have used this one)
MD5 : MD5 Implementation in C# | Syed Faraz Mahmood (I have not tried this one)

With those two, you should be able to generate the needed signatures, even without crypto firmware.

@ njbuch - Another option would be to create an AzureWebsite. Upload images to the website, and then have the website (which will have security and encryption available) upload the document to Azure Blob Storage. We work with Azure blob storage daily at my work and have lots of c# code that I could share if you like.

There is a great SDK for Azure blob storage and lots of great examples.


@ terrence - a few snippets to illustrate your idea would be awesome. :clap:

@ njbuch - The first method is your website code, that calls the other methods to upload the document into BlobStorage.

public ActionResult DocsToBobStorage()
	return View();

public static void UploadDocument(HttpRequestBase request)
	string containerName = ConfigFile.GetValue("AzureContainer");

	foreach (string file in request.Files)
		HttpPostedFileBase hpf = request.Files[file] as HttpPostedFileBase;

		if (hpf.ContentLength > 0)
			string fileName = "FileUploadedFromMyIOTBoard.pdf";
			fileName = BlobUtil.GetUniqueBlobName(containerName, fileName);
			BlobUtil.CopyStreamToContainer(hpf.InputStream, containerName, fileName);

public static CloudBlockBlob CopyStreamToContainer(Stream stream, CloudBlobContainer container, string fileName)
	stream.Position = 0;


	// Retrieve reference to a blob named localFileName
	CloudBlockBlob blob = (CloudBlockBlob)container.GetBlockBlobReference(fileName);
	string contentType = FileUtil.GetContentTypeByFileName(fileName);
	if (contentType != String.Empty)
		blob.Properties.ContentType = contentType;
	return blob;

public static CloudBlockBlob CopyStreamToContainer(Stream stream, string containerName, string fileName, CloudBlobClient client = null)
	if (client == null)
		client = BlobUtil.GetClient();

	var container = client.GetContainerReference(containerName.ToLower());

	// Retrieve reference to a previously created container
	return BlobUtil.CopyStreamToContainer(stream, container, fileName);

public static CloudBlobClient GetClient(string connectionString)
	CloudStorageAccount account = CloudStorageAccount.Parse(connectionString);
	CloudBlobClient client = account.CreateCloudBlobClient();
	client.RetryPolicy = new NoRetry();
	return client;

1 Like

Thank you so much!

Looks good. How is the authentication implemented on this?

check out this project:

or you can get the SHA netmf implantation directly from this link:

originally provided by if I remember correctly (http://microframework.nl) a dead link unfortunately :cry: you can read the blog using wayback machine :slight_smile: http://web.archive.org/web/20120331032740/http://www.microframework.nl/ and scroll down to the middle…


1 Like

My interest is in serial wifi of course, so I have been preparing a serial wifi version of the Azure Storage libs. The protocol libs are almost done, but the security lib (which is also used in the wifi onboarding) is ready.

You can get Sha2/Sha256 and HMACSHA256 in the nuget package PervasiveDigital.Security.ManagedProviders
The source is at : GitHub - PervasiveDigital/serialwifi: .Net Support for serial Wifi devices like the ESP8266

Example of use: Results verified against desktop crypto.

using System;
using System.Text;
using Microsoft.SPOT;

using PervasiveDigital.Security.ManagedProviders;

namespace MFHashValidation
    public class Program
        public static void Main()
            var keyBytes = Encoding.UTF8.GetBytes("myAzureAccountKey");
            var canonicalizedHeaderBytes = Encoding.UTF8.GetBytes("stringToHashGoesHere");
            var hmac = new HMACSHA256(keyBytes);
            var hash = hmac.ComputeHash(canonicalizedHeaderBytes);

1 Like

@ mcalsyn - this can be used for oxygen as well ?

Yes, that’s actually where I am testing - with Oxygen+Neon. It is useful on any platform that does not have the Crypto module in the firmware or enough memory for the full System.Cryptography assembly.

@ Jay Jay - This looks very promising as well…
@ mcalsyn - Are you using this library?

@ njbuch - which library do you mean? The netmfazure one? I didn’t know about the netmfazure lib until just now, though now that I do know about it, I will probably borrow some pieces from it. The security package I just posted is not from netmfazure, but I may borrow some of the http helpers from the netmfazure source just to save time now. They’ll all be twiddled a little bit for serial wifi and packaged as nuget packages.

@ mcalsyn - Sounds great, I was just concerned that you didnt see the post. :wink:

I am looking forward to see what this turns out to become!

@ njbuch - you and me both :wink:

This is pretty green (new) code, and I am sure there will be bugs (I have a couple on my list already). But anyway, I have added a PervasiveDigital.Net.Azure.Storage package to nuget which you can use with serial wifi interfaces to interact with Azure Storage services.

Use it like this:
[ol]Start a new project
Add nuget packages:
For Molecule.Net : IngenuityMicro.Hardware.Neon and PervasiveDigital.Net.Azure.Storage
For all others : PervasiveDigital.Hardware.ESP8266 and PervasiveDigital.Net.Azure.Storage[/ol]

Then use something like this (this is for blobs - tables and queues will come in a couple days as will some blog posts with more usage details and examples.

using System;
using Microsoft.SPOT;
using Microsoft.SPOT.Hardware;
using System.IO.Ports;

using IngenuityMicro.Hardware.Neon;
using IngenuityMicro.Hardware.Oxygen;

using PervasiveDigital.Net;
using PervasiveDigital.Net.Azure.Storage;

namespace AzureBlobDemo
    public class Program
        public static void Main()
            // For non-Molecule.net, it would be something like this...
            //var wifi = new Esp8266WifiDevice(new SerialPort("COM2", 115200, Parity.None, 8, StopBits.One), new OutputPort((Cpu.Pin)19, false), null);
            // For Molecule.net:
            var wifi = new NeonWifiDevice();

            wifi.Connect("---------", "----------");

            var sntp = new SntpClient(wifi, "time1.google.com");

            var account = new CloudStorageAccount("youraccountnamehere", "PblOkty----------------youraccountkeyhere--------------------------------------------A==");
            var blob = new BlobClient(wifi, account);

            var containerName = "cont3";

            // if needed...

            var someBytes = new byte[256];
            for (int i = 0; i < someBytes.Length; ++i)
                someBytes[i] = (byte)i;
            blob.PutBlockBlob(containerName, "mybytes", someBytes);


@ mcalsyn - Hmm, will have a look later, but I was planning to do something over a modem, can the “serial wifi” be abstracted away?

If you will use a built-in TCP stack (which includes PPP over a modem), then I would base your work on GitHub - azure-contrib/netmfazurestorage: A unified Windows Azure Storage SDK for .net Microframework

If you will be using a serial wifi adapter with it’s own TCP stack, then I would use the PervasiveDigital software.

In short, if you got your connection from System.Net, then use netmfazurestorage because it will use the NETMF TCP/IP stack. My PervasiveDigital solution is for folks that are not using the NETMF TCP stack.