func generateSalt() (string, error) {
    b := make([]byte, 16) // 16字節(jié)隨機(jī)鹽
    if _, err := rand.Read(b); err != nil {
        return "", err
    }
    return hex.EncodeToString(b), nil
}

func sm3Hash(password, salt string) string {
    h := sm3.New()
    h.Write([]byte(password + salt))
    return hex.EncodeToString(h.Sum(nil))
}

func HashPassword(password string) (string, error) {
    salt, err := generateSalt()
    if err != nil {
        return "", err
    }
    hash := sm3Hash(password, salt)
    return fmt.Sprintf("sm3$v1$%s$%s", salt, hash), nil
}

func CheckPassword(dbPassword, inputPassword string) (bool, error) {
    parts := strings.Split(dbPassword, "$")
    if len(parts) != 4 {
        return false, errors.New("hash 格式不正確")
    }
    _, version, salt, hash := parts[0], parts[1], parts[2], parts[3]
    if version != "v1" {
        return false, errors.New("不支持的版本")
    }
    calculatedHash := sm3Hash(inputPassword, salt)
    return calculatedHash == hash, nil
}

func CheckPassword(dbPassword, inputPassword, hashAlgo string) (bool, error) {
    switch hashAlgo {
    case "bcrypt":
        return bcrypt.CompareHashAndPassword([]byte(dbPassword), []byte(inputPassword)) == nil, nil
    case "sm3":
        return CheckPassword(dbPassword, inputPassword)
    default:
        return false, errors.New("未知 hash 算法")
    }
}

func main() {
    password := "123456"
    
    hash, _ := HashPassword(password)
    fmt.Println("存儲(chǔ)密碼:", hash)
    
    ok, _ := CheckPassword(hash, password)
    fmt.Println("驗(yàn)證密碼:", ok)
}

存儲(chǔ)密碼: sm3$v1$e2a3f4...$9f8d7c...
驗(yàn)證密碼: true