diff --git a/CMakeLists.txt b/CMakeLists.txt
index 908a78a8..6ae17b7f 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -19,7 +19,7 @@ include_directories(include)
 
 add_library(
 	gmssl
-#	SHARED
+	SHARED
 	src/version.c
 	src/debug.c
 	src/sm4_common.c
diff --git a/demos/sm4/Makefile b/demos/sm4/Makefile
new file mode 100644
index 00000000..f3adb612
--- /dev/null
+++ b/demos/sm4/Makefile
@@ -0,0 +1,22 @@
+all:
+	cc sm4_demo.c -lgmssl -o sm4_demo
+	cc sm4_cbc_demo.c -lgmssl -o sm4_cbc_demo
+	cc sm4_cbc_padding_demo.c -lgmssl -o sm4_cbc_padding_demo
+	cc sm4_ctr_demo.c -lgmssl -o sm4_ctr_demo
+	cc sm4_gcm_demo.c -lgmssl -o sm4_gcm_demo
+	cc sm4_cbc_encrypt_update_demo.c -lgmssl -o sm4_cbc_encrypt_update_demo
+	cc sm4_cbc_decrypt_update_demo.c -lgmssl -o sm4_cbc_decrypt_update_demo
+	cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_encrypt_update_demo
+	cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_decrypt_update_demo
+
+clean:
+	rm -fr sm4_demo
+	rm -fr sm4_cbc_demo
+	rm -fr sm4_cbc_padding_demo
+	rm -fr sm4_ctr_demo
+	rm -fr sm4_gcm_demo
+	rm -fr sm4_cbc_encrypt_update_demo
+	rm -fr sm4_cbc_decrypt_update_demo
+	rm -fr sm4_ctr_encrypt_update_demo
+	rm -fr sm4_ctr_decrypt_update_demo
+
diff --git a/demos/sm4/sm4_cbc_decrypt_update_demo.c b/demos/sm4/sm4_cbc_decrypt_update_demo.c
new file mode 100644
index 00000000..71cafbdf
--- /dev/null
+++ b/demos/sm4/sm4_cbc_decrypt_update_demo.c
@@ -0,0 +1,42 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm4.h>
+#include <gmssl/rand.h>
+
+
+int main(void)
+{
+	SM4_CBC_CTX cbc_ctx;
+	unsigned char key[16] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char iv[16] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char inbuf[1024];
+	unsigned char outbuf[1024 + 32];
+	ssize_t inlen;
+	size_t outlen;
+
+	if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) {
+		fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+		return 1;
+	}
+	while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
+		if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
+			fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+			return 1;
+		}
+		fwrite(outbuf, 1, outlen, stdout);
+	}
+	if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
+		fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+		return 1;
+	}
+	fwrite(outbuf, 1, outlen, stdout);
+
+	return 0;
+}
diff --git a/demos/sm4/sm4_cbc_demo.c b/demos/sm4/sm4_cbc_demo.c
new file mode 100644
index 00000000..d3fd4522
--- /dev/null
+++ b/demos/sm4/sm4_cbc_demo.c
@@ -0,0 +1,63 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm4.h>
+#include <gmssl/rand.h>
+
+
+int main(void)
+{
+	SM4_KEY sm4_key;
+	unsigned char key[16];
+	unsigned char iv[16];
+	unsigned char mbuf[32] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char cbuf[32] = {0};
+	unsigned char pbuf[32] = {0};
+	int i;
+
+	rand_bytes(key, sizeof(key));
+	rand_bytes(iv, sizeof(iv));
+
+	printf("key: ");
+	for (i = 0; i < sizeof(key); i++) {
+		printf("%02X", key[i]);
+	}
+	printf("\n");
+
+	printf("iv: ");
+	for (i = 0; i < sizeof(iv); i++) {
+		printf("%02X", iv[i]);
+	}
+	printf("\n");
+
+	printf("plaintext: ");
+	for (i = 0; i < sizeof(mbuf); i++) {
+		printf("%02X", mbuf[i]);
+	}
+	printf("\n");
+
+	sm4_set_encrypt_key(&sm4_key, key);
+	sm4_cbc_encrypt(&sm4_key, iv, mbuf, sizeof(mbuf)/SM4_BLOCK_SIZE, cbuf);
+
+	printf("ciphertext: ");
+	for (i = 0; i < sizeof(cbuf); i++) {
+		printf("%02X", cbuf[i]);
+	}
+	printf("\n");
+
+	sm4_set_decrypt_key(&sm4_key, key);
+	sm4_cbc_decrypt(&sm4_key, iv, cbuf, sizeof(cbuf)/SM4_BLOCK_SIZE, pbuf);
+
+	printf("decrypted: ");
+	for (i = 0; i < sizeof(pbuf); i++) {
+		printf("%02X", pbuf[i]);
+	}
+	printf("\n");
+
+	return 0;
+}
diff --git a/demos/sm4/sm4_cbc_encrypt_update_demo.c b/demos/sm4/sm4_cbc_encrypt_update_demo.c
new file mode 100644
index 00000000..c8677e64
--- /dev/null
+++ b/demos/sm4/sm4_cbc_encrypt_update_demo.c
@@ -0,0 +1,42 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm4.h>
+#include <gmssl/rand.h>
+
+
+int main(void)
+{
+	SM4_CBC_CTX cbc_ctx;
+	unsigned char key[16] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char iv[16] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char inbuf[1024];
+	unsigned char outbuf[1024 + 32];
+	ssize_t inlen;
+	size_t outlen;
+
+	if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) {
+		fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+		return 1;
+	}
+	while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
+		if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
+			fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+			return 1;
+		}
+		fwrite(outbuf, 1, outlen, stdout);
+	}
+	if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
+		fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+		return 1;
+	}
+	fwrite(outbuf, 1, outlen, stdout);
+
+	return 0;
+}
diff --git a/demos/sm4/sm4_cbc_padding_demo.c b/demos/sm4/sm4_cbc_padding_demo.c
new file mode 100644
index 00000000..028a74a9
--- /dev/null
+++ b/demos/sm4/sm4_cbc_padding_demo.c
@@ -0,0 +1,96 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm4.h>
+#include <gmssl/rand.h>
+
+
+int main(void)
+{
+	SM4_KEY sm4_key;
+	unsigned char key[16];
+	unsigned char iv[16];
+	unsigned char mbuf[32] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char cbuf[32] = {0};
+	unsigned char pbuf[32] = {0};
+	size_t mlen1 = 20, mlen2 = 16;
+	size_t clen1, clen2;
+	size_t plen1, plen2;
+	int i;
+
+	rand_bytes(key, sizeof(key));
+	rand_bytes(iv, sizeof(iv));
+
+	printf("key: ");
+	for (i = 0; i < sizeof(key); i++) {
+		printf("%02X", key[i]);
+	}
+	printf("\n");
+
+	printf("iv: ");
+	for (i = 0; i < sizeof(iv); i++) {
+		printf("%02X", iv[i]);
+	}
+	printf("\n");
+
+
+	printf("sm4_cbc_pading encrypt %zu bytes\n", mlen1);
+
+	printf("plaintext: ");
+	for (i = 0; i < mlen1; i++) {
+		printf("%02X", mbuf[i]);
+	}
+	printf("\n");
+
+	sm4_set_encrypt_key(&sm4_key, key);
+	sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen1, cbuf, &clen1);
+
+	printf("ciphertext: ");
+	for (i = 0; i < clen1; i++) {
+		printf("%02X", cbuf[i]);
+	}
+	printf("\n");
+
+	sm4_set_decrypt_key(&sm4_key, key);
+	sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen1, pbuf, &plen1);
+
+	printf("decrypted: ");
+	for (i = 0; i < plen1; i++) {
+		printf("%02X", pbuf[i]);
+	}
+	printf("\n");
+
+	printf("sm4_cbc_pading encrypt %zu bytes\n", mlen2);
+
+	printf("plaintext: ");
+	for (i = 0; i < mlen2; i++) {
+		printf("%02X", mbuf[i]);
+	}
+	printf("\n");
+
+	sm4_set_encrypt_key(&sm4_key, key);
+	sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen2, cbuf, &clen2);
+
+	printf("ciphertext: ");
+	for (i = 0; i < clen2; i++) {
+		printf("%02X", cbuf[i]);
+	}
+	printf("\n");
+
+	sm4_set_decrypt_key(&sm4_key, key);
+	sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen2, pbuf, &plen2);
+
+	printf("decrypted: ");
+	for (i = 0; i < plen2; i++) {
+		printf("%02X", pbuf[i]);
+	}
+	printf("\n");
+
+
+	return 0;
+}
diff --git a/demos/sm4/sm4_ctr_demo.c b/demos/sm4/sm4_ctr_demo.c
new file mode 100644
index 00000000..f1cef1e5
--- /dev/null
+++ b/demos/sm4/sm4_ctr_demo.c
@@ -0,0 +1,67 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm4.h>
+#include <gmssl/rand.h>
+
+
+int main(void)
+{
+	SM4_KEY sm4_key;
+	unsigned char key[16];
+	unsigned char iv[16];
+	unsigned char ctr[16];
+	unsigned char mbuf[20] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,
+	};
+	unsigned char cbuf[20] = {0};
+	unsigned char pbuf[20] = {0};
+	int i;
+
+	rand_bytes(key, sizeof(key));
+	rand_bytes(iv, sizeof(iv));
+
+	printf("key: ");
+	for (i = 0; i < sizeof(key); i++) {
+		printf("%02X", key[i]);
+	}
+	printf("\n");
+
+	printf("ctr: ");
+	for (i = 0; i < sizeof(iv); i++) {
+		printf("%02X", iv[i]);
+	}
+	printf("\n");
+
+	sm4_set_encrypt_key(&sm4_key, key);
+
+	printf("sm4 ctr encrypt %zu bytes\n", sizeof(mbuf));
+
+	printf("plaintext: ");
+	for (i = 0; i < sizeof(mbuf); i++) {
+		printf("%02X", mbuf[i]);
+	}
+	printf("\n");
+
+	memcpy(ctr, iv, 16);
+	sm4_ctr_encrypt(&sm4_key, ctr, mbuf, sizeof(mbuf), cbuf);
+
+	printf("ciphertext: ");
+	for (i = 0; i < sizeof(cbuf); i++) {
+		printf("%02X", cbuf[i]);
+	}
+	printf("\n");
+
+	memcpy(ctr, iv, 16);
+	sm4_ctr_decrypt(&sm4_key, ctr, cbuf, sizeof(cbuf), pbuf);
+
+	printf("decrypted: ");
+	for (i = 0; i < sizeof(pbuf); i++) {
+		printf("%02X", pbuf[i]);
+	}
+	printf("\n");
+
+	return 0;
+}
diff --git a/demos/sm4/sm4_ctr_encrypt_update_demo.c b/demos/sm4/sm4_ctr_encrypt_update_demo.c
new file mode 100644
index 00000000..5bb2f5fd
--- /dev/null
+++ b/demos/sm4/sm4_ctr_encrypt_update_demo.c
@@ -0,0 +1,42 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm4.h>
+#include <gmssl/rand.h>
+
+
+int main(void)
+{
+	SM4_CTR_CTX cbc_ctx;
+	unsigned char key[16] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char ctr[16] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char inbuf[1024];
+	unsigned char outbuf[1024 + 32];
+	ssize_t inlen;
+	size_t outlen;
+
+	if (sm4_ctr_encrypt_init(&cbc_ctx, key, ctr) != 1) {
+		fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+		return 1;
+	}
+	while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
+		if (sm4_ctr_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
+			fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+			return 1;
+		}
+		fwrite(outbuf, 1, outlen, stdout);
+	}
+	if (sm4_ctr_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
+		fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
+		return 1;
+	}
+	fwrite(outbuf, 1, outlen, stdout);
+
+	return 0;
+}
diff --git a/demos/sm4/sm4_demo.c b/demos/sm4/sm4_demo.c
new file mode 100644
index 00000000..b05aa550
--- /dev/null
+++ b/demos/sm4/sm4_demo.c
@@ -0,0 +1,55 @@
+// sm4 demo1: encrypt and decrypt a block of message (16 bytes)
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm4.h>
+
+
+int main(void)
+{
+	SM4_KEY sm4_key;
+	unsigned char key[16] = {
+		0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
+		0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
+	};
+	unsigned char mbuf[16] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char cbuf[16];
+	unsigned char pbuf[16];
+	int i;
+
+	printf("key: ");
+	for (i = 0; i < sizeof(key); i++) {
+		printf("%02X", key[i]);
+	}
+	printf("\n");
+
+	printf("plaintext: ");
+	for (i = 0; i < sizeof(mbuf); i++) {
+		printf("%02X", mbuf[i]);
+	}
+	printf("\n");
+
+	sm4_set_encrypt_key(&sm4_key, key);
+	sm4_encrypt(&sm4_key, mbuf, cbuf);
+
+	printf("ciphertext: ");
+	for (i = 0; i < sizeof(cbuf); i++) {
+		printf("%02X", cbuf[i]);
+	}
+	printf("\n");
+
+	sm4_set_decrypt_key(&sm4_key, key);
+	sm4_decrypt(&sm4_key, cbuf, pbuf);
+
+	printf("decrypted: ");
+	for (i = 0; i < sizeof(pbuf); i++) {
+		printf("%02X", pbuf[i]);
+	}
+	printf("\n");
+
+	return 0;
+}
diff --git a/demos/sm4/sm4_gcm_demo.c b/demos/sm4/sm4_gcm_demo.c
new file mode 100644
index 00000000..54ace634
--- /dev/null
+++ b/demos/sm4/sm4_gcm_demo.c
@@ -0,0 +1,81 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm4.h>
+#include <gmssl/rand.h>
+
+
+int main(void)
+{
+	SM4_KEY sm4_key;
+	unsigned char key[16];
+	unsigned char iv[16];
+	unsigned char aad[20];
+	unsigned char mbuf[64] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,
+	};
+	unsigned char cbuf[64] = {0};
+	unsigned char pbuf[64] = {0};
+	unsigned char tag[16];
+	int i;
+
+	rand_bytes(key, sizeof(key));
+	rand_bytes(iv, sizeof(iv));
+
+	printf("key: ");
+	for (i = 0; i < sizeof(key); i++) {
+		printf("%02X", key[i]);
+	}
+	printf("\n");
+
+	printf("iv: ");
+	for (i = 0; i < sizeof(iv); i++) {
+		printf("%02X", iv[i]);
+	}
+	printf("\n");
+
+	sm4_set_encrypt_key(&sm4_key, key);
+
+	printf("sm4 gcm encrypt\n");
+
+	printf("auth-only data: ");
+	for (i = 0; i < sizeof(aad); i++) {
+		printf("%02X", aad[i]);
+	}
+	printf("\n");
+
+	printf("plaintext: ");
+	for (i = 0; i < sizeof(mbuf); i++) {
+		printf("%02X", mbuf[i]);
+	}
+	printf("\n");
+
+	sm4_gcm_encrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), mbuf, sizeof(mbuf), cbuf, sizeof(tag), tag);
+
+	printf("ciphertext: ");
+	for (i = 0; i < sizeof(cbuf); i++) {
+		printf("%02X", cbuf[i]);
+	}
+	printf("\n");
+
+	printf("mac-tag: ");
+	for (i = 0; i < sizeof(tag); i++) {
+		printf("%02X", tag[i]);
+	}
+	printf("\n");
+
+	if (sm4_gcm_decrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), cbuf, sizeof(mbuf), tag, sizeof(tag), pbuf) != 1) {
+		fprintf(stderr, "sm4 gcm decrypt failed\n");
+		return 1;
+	}
+
+	printf("decrypted: ");
+	for (i = 0; i < sizeof(pbuf); i++) {
+		printf("%02X", pbuf[i]);
+	}
+	printf("\n");
+
+	return 0;
+}