From ccb5ff8e6d5312dbef68fd62c04c517da88d4086 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@zerotier.com>
Date: Wed, 8 Mar 2023 16:00:23 -0500
Subject: [PATCH] Add PSK to h as well.

---
 zssp/src/zssp.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/zssp/src/zssp.rs b/zssp/src/zssp.rs
index 0673561f1..a2b6854de 100644
--- a/zssp/src/zssp.rs
+++ b/zssp/src/zssp.rs
@@ -948,7 +948,7 @@ impl<Application: ApplicationLayer> Context<Application> {
                                 assert!(metadata.len() <= (u16::MAX as usize));
                                 reply_len = append_to_slice(&mut reply_buffer, reply_len, &(metadata.len() as u16).to_le_bytes())?;
 
-                                let noise_h_next = mix_hash(&noise_h_next, &reply_buffer[HEADER_SIZE..reply_len]);
+                                let noise_h_next = mix_hash(&mix_hash(&noise_h_next, &reply_buffer[HEADER_SIZE..reply_len]), session.psk.as_bytes());
 
                                 enc_start = reply_len;
                                 reply_len = append_to_slice(&mut reply_buffer, reply_len, metadata)?;
@@ -1047,6 +1047,8 @@ impl<Application: ApplicationLayer> Context<Application> {
                         }
                         let (alice_noise_s, psk, application_data) = check_result.unwrap();
 
+                        let noise_h_next = mix_hash(&noise_h_next, psk.as_bytes());
+
                         // Complete Noise_XKpsk3 on Bob's side.
                         let noise_es_ee_se_hk_psk = Secret(hmac_sha512(
                             &hmac_sha512(