diff --git a/trunk/src/core/srs_core.hpp b/trunk/src/core/srs_core.hpp
index 05404d394..5012eda0f 100644
--- a/trunk/src/core/srs_core.hpp
+++ b/trunk/src/core/srs_core.hpp
@@ -31,7 +31,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 // current release version
 #define VERSION_MAJOR "0"
 #define VERSION_MINOR "9"
-#define VERSION_REVISION "194"
+#define VERSION_REVISION "195"
 #define RTMP_SIG_SRS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_REVISION
 // server info.
 #define RTMP_SIG_SRS_KEY "SRS"
diff --git a/trunk/src/rtmp/srs_protocol_handshake.cpp b/trunk/src/rtmp/srs_protocol_handshake.cpp
index 5e727109d..67b1cb0f7 100644
--- a/trunk/src/rtmp/srs_protocol_handshake.cpp
+++ b/trunk/src/rtmp/srs_protocol_handshake.cpp
@@ -198,9 +198,9 @@ namespace _srs_internal
         }
         
         // copy public key to bytes.
-        // TODO: FIXME: please finger it out.
+        // sometimes, the key_size is 127, seems ok.
         int32_t key_size = BN_num_bytes(pdh->pub_key);
-        srs_assert(key_size == size);
+        srs_assert(key_size > 0);
         
         if (BN_bn2bin(pdh->pub_key, (unsigned char*)public_key) != size) {
             //("Unable to copy key"); return ret;
@@ -211,18 +211,13 @@ namespace _srs_internal
         return ret;
     }
     /**
-    * create DH and copy the 128bytes public key,
-    * generate and copy the shared key.
+    * use exists DH to create and copy the 128bytes shared key.
+    * the peer public key used to generate the shared key.
     */
-    int __openssl_compute_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* public_key, char* shared_key)
+    int __openssl_copy_shared_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* shared_key)
     {
         int ret = ERROR_SUCCESS;
         
-        // create DH and copy the 128bytes public key
-        if ((ret = __openssl_copy_key(pdh, public_key, ppk_size)) != ERROR_SUCCESS) {
-            return ret;
-        }
-        
         BIGNUM* ppk = NULL;
         if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) {
             ret = ERROR_OpenSslGetPeerPublicKey;
@@ -240,6 +235,26 @@ namespace _srs_internal
         
         return ret;
     }
+    /**
+    * create DH and copy the 128bytes public key,
+    * generate and copy the shared key.
+    */
+    int __openssl_compute_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* public_key, char* shared_key)
+    {
+        int ret = ERROR_SUCCESS;
+        
+        // create DH and copy the 128bytes public key
+        if ((ret = __openssl_copy_key(pdh, public_key, ppk_size)) != ERROR_SUCCESS) {
+            return ret;
+        }
+        
+        // generate and copy the shared key
+        if ((ret = __openssl_copy_shared_key(pdh, peer_pub_key, ppk_size, shared_key)) != ERROR_SUCCESS) {
+            return ret;
+        }
+        
+        return ret;
+    }
     void __openssl_free(DH* pdh)
     {
         if (pdh != NULL) {