I'm a little confused as to what this "framework" is doing then. There could only possibly be a few lines of code behind that function to encrypt / salt the provided pass. Actually if your pulling the hashed pwd yourself, then it could only be a static salt which is garbage anyways.
Short answer, yes it should be fine to pass POST directly to that script. I'd have a look around at some threads / pages on this topic though. Since your concerned with security, you'll gain experience + more security from writing something yourself after learning a bit more on the topic. There's not too much to it
EDIT: For a long winded discussion that didn't really get us anywhere... http://www.sitepoint.com/forums/showthread.php?904383-Let-s-talk-security&highlight=talk+security Some interesting things came up there anyways.