keyexch, keymgmt: Include the peer's public key in the check hash.

keyexch, keymgmt: Include the peer's public key in the check hash.

This turns out to be necessary for security: otherwise an adversary can
cross over two sessions, which is probably undesirable.  This also
requires that we know our own public key, which was previously
unnecessary.

Except for session-ids (we don't care if two `sessions' with the same
peer get crossed over, because we don't distinguish them anyway), the
protocol now matches the one described and proved secure in the crypto
paper.