Is there any way to Hash a password using BCrypt in classic ASP?

Question

I have an older site running on Classic ASP. I want to start hashing the password seeing as they are stored plain text on the server right now. I've used a BCrypt hash with PHP on a separate site and was hoping to find something similar for Classic ASP.

Side Question: I have a library that runs using PHP on the Classic ASP site. Could I run a PHP solution to hash the password or would that be ill advised?

Answer 1

After reading the OP question I conclude that the OP wants a hashing algorithm (example given: bcrypt).

Well, if you are looking for a hash in classic ASP it's a bit like a desert, not so many lbiraries.

This link however implements a sha1 hash, http://forums.aspfree.com/code-bank-54/asp-classic-sha1-hash-82166.html it has the code (read all comments as well), now you have a portable cross-code implementable hash function.

<%
    Dim strPassWord, strHash, salt
    salt = "6XBMkpz39m8RFCpwt1Cofzbg1TTIN7yTGzMlayIfy9yBOPgX2zhfXM9X5mqv8HT6"
    strPassWord = "secret"
    strHash = hex_sha1(strPassWord & salt)

    Response.Write("<p><b>strPassWord:</b> " & strPassWord & "</p>")
    Response.Write("<p><b>strHash:</b> " & strHash & "</p>")
%>

Expanding to C#, Javascript, Python, ... and so on. So somewhere in the future - when you decide to leave classic ASP behind - you'll find that you are still able to use the stored hashed passwords.