diff --git a/demos/sm3/CMakeLists.txt b/demos/sm3/CMakeLists.txt
index 52b0c3f2..27daa262 100644
--- a/demos/sm3/CMakeLists.txt
+++ b/demos/sm3/CMakeLists.txt
@@ -4,5 +4,9 @@ project(sm3demo)
 include_directories(/usr/local/include)
 link_directories(/usr/local/lib)
 
-add_executable(sm3demo sm3demo.c)
-target_link_libraries(sm3demo gmssl)
+add_executable(sm3_demo sm3_demo.c)
+add_executable(sm3_hmac_demo sm3_hmac_demo.c)
+add_executable(sm3_kdf_demo sm3_kdf_demo.c)
+target_link_libraries(sm3_demo gmssl)
+target_link_libraries(sm3_hmac_demo gmssl)
+target_link_libraries(sm3_kdf_demo gmssl)
diff --git a/demos/sm3/Makefile b/demos/sm3/Makefile
new file mode 100644
index 00000000..1c31e1ce
--- /dev/null
+++ b/demos/sm3/Makefile
@@ -0,0 +1,9 @@
+all:
+	cc sm3_demo.c -lgmssl -o sm3_demo
+	cc sm3_hmac_demo.c -lgmssl -o sm3_hmac_demo
+	cc sm3_kdf_demo.c -lgmssl -o sm3_kdf_demo
+clean:
+	rm -fr sm3_demo
+	rm -fr sm3_hmac_demo
+	rm -fr sm3_kdf_demo
+
diff --git a/demos/sm3/sm3demo.c b/demos/sm3/sm3_demo.c
similarity index 100%
rename from demos/sm3/sm3demo.c
rename to demos/sm3/sm3_demo.c
diff --git a/demos/sm3/sm3_hmac_demo.c b/demos/sm3/sm3_hmac_demo.c
new file mode 100644
index 00000000..a9ed7db2
--- /dev/null
+++ b/demos/sm3/sm3_hmac_demo.c
@@ -0,0 +1,42 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm3.h>
+
+
+int main(void)
+{
+	SM3_HMAC_CTX hmac_ctx;
+	unsigned char key[16] = {
+		0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
+		0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
+	};
+	unsigned char mbuf[16] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	unsigned char hmac[32] = {0};
+	int i;
+
+
+	sm3_hmac_init(&hmac_ctx, key, sizeof(key));
+	sm3_hmac_update(&hmac_ctx, mbuf, sizeof(mbuf));
+	sm3_hmac_finish(&hmac_ctx, hmac);
+
+	printf("hmac: ");
+	for (i = 0; i < sizeof(hmac); i++) {
+		printf("%02X", hmac[i]);
+	}
+	printf("\n");
+
+	memset(hmac, 0, sizeof(hmac));
+	sm3_hmac(key, sizeof(key), mbuf, sizeof(mbuf), hmac);
+
+	printf("hmac: ");
+	for (i = 0; i < sizeof(hmac); i++) {
+		printf("%02X", hmac[i]);
+	}
+	printf("\n");
+
+	return 0;
+}
diff --git a/demos/sm3/sm3_kdf_demo.c b/demos/sm3/sm3_kdf_demo.c
new file mode 100644
index 00000000..9089afcd
--- /dev/null
+++ b/demos/sm3/sm3_kdf_demo.c
@@ -0,0 +1,28 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/sm3.h>
+
+
+int main(void)
+{
+	SM3_KDF_CTX kdf_ctx;
+	unsigned char key[16] = {0};
+	unsigned char raw[32] = {
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+		0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
+	};
+	int i;
+
+	sm3_kdf_init(&kdf_ctx, sizeof(key));
+	sm3_kdf_update(&kdf_ctx, raw, sizeof(raw));
+	sm3_kdf_finish(&kdf_ctx, key);
+
+	printf("key: ");
+	for (i = 0; i < sizeof(key); i++) {
+		printf("%02X", key[i]);
+	}
+	printf("\n");
+
+	return 0;
+}
diff --git a/src/sm3_hmac.c b/src/sm3_hmac.c
index 96bb0c67..58f4b48f 100644
--- a/src/sm3_hmac.c
+++ b/src/sm3_hmac.c
@@ -113,8 +113,8 @@ void sm3_hmac_finish(SM3_HMAC_CTX *ctx, uint8_t mac[SM3_HMAC_SIZE])
 	memset(ctx, 0, sizeof(*ctx));
 }
 
-void sm3_hmac(const uint8_t *data, size_t data_len,
-	const uint8_t *key, size_t key_len,
+void sm3_hmac(const uint8_t *key, size_t key_len,
+	const uint8_t *data, size_t data_len,
 	uint8_t mac[SM3_HMAC_SIZE])
 {
 	SM3_HMAC_CTX ctx;
diff --git a/src/sm9_lib.c b/src/sm9_lib.c
index cfe23b50..de7bacab 100644
--- a/src/sm9_lib.c
+++ b/src/sm9_lib.c
@@ -367,6 +367,7 @@ int sm9_do_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
 	const uint8_t *in, size_t inlen,
 	SM9_POINT *C1, uint8_t *c2, uint8_t c3[SM3_HMAC_SIZE])
 {
+	SM3_HMAC_CTX hmac_ctx;
 	uint8_t K[inlen + 32];
 
 	if (sm9_kem_encrypt(mpk, id, idlen, sizeof(K), K, C1) != 1) {
@@ -374,7 +375,12 @@ int sm9_do_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
 		return -1;
 	}
 	gmssl_memxor(c2, K, in, inlen);
-	sm3_hmac(K + inlen, 32, c2, inlen, c3);
+
+	//sm3_hmac(K + inlen, 32, c2, inlen, c3);
+	sm3_hmac_init(&hmac_ctx, K + inlen, SM3_HMAC_SIZE);
+	sm3_hmac_update(&hmac_ctx, c2, inlen);
+	sm3_hmac_finish(&hmac_ctx, c3);
+	gmssl_secure_clear(&hmac_ctx, sizeof(hmac_ctx));
 	return 1;
 }
 
@@ -382,6 +388,7 @@ int sm9_do_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
 	const SM9_POINT *C1, const uint8_t *c2, size_t c2len, const uint8_t c3[SM3_HMAC_SIZE],
 	uint8_t *out)
 {
+	SM3_HMAC_CTX hmac_ctx;
 	uint8_t k[c2len + SM3_HMAC_SIZE];
 	uint8_t mac[SM3_HMAC_SIZE];
 
@@ -389,7 +396,11 @@ int sm9_do_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
 		error_print();
 		return -1;
 	}
-	sm3_hmac(k + c2len, SM3_HMAC_SIZE, c2, c2len, mac);
+	//sm3_hmac(k + c2len, SM3_HMAC_SIZE, c2, c2len, mac);
+	sm3_hmac_init(&hmac_ctx, k + c2len, SM3_HMAC_SIZE);
+	sm3_hmac_update(&hmac_ctx, c2, c2len);
+	sm3_hmac_finish(&hmac_ctx, mac);
+	gmssl_secure_clear(&hmac_ctx, sizeof(hmac_ctx));
 
 	if (gmssl_secure_memcmp(c3, mac, sizeof(mac)) != 0) {
 		error_print();