diff --git a/src/tls13handshake.rs b/src/tls13handshake.rs
index 3c3adf9..d74db90 100644
--- a/src/tls13handshake.rs
+++ b/src/tls13handshake.rs
@@ -201,15 +201,19 @@ fn put_server_hello(
     };
     set_by_handle(ks, &shared_secret_handle, shared_secret);
 
-    let psk_handle = psk.map(|x| {
-        let handle = Handle {
-            alg: ciphersuite.hash,
-            name: PSK,
-            level: 0,
-        };
-        set_by_handle(ks, &handle, x);
-        handle
-    });
+    // hax-issue: can't use mutating map here
+    let psk_handle = match psk {
+        Some(bytes) => {
+            let handle = Handle {
+                alg: ciphersuite.hash,
+                name: PSK,
+                level: 0,
+            };
+            set_by_handle(ks, &handle, bytes);
+            Some(handle)
+        }
+        None => None,
+    };
 
     let (ch_handle, sh_handle, ms_handle) = derive_hk_handles(
         &ciphersuite.hash,
@@ -560,16 +564,22 @@ fn get_server_hello(
     let transcript = state.transcript.add(&sh);
     let transcript_hash = transcript.transcript_hash()?;
 
-    let psk_handle = state.server.psk_opt.clone().map(|x| {
-        let handle = Handle {
-            alg: state.ciphersuite.hash,
-            name: PSK,
-            level: 0,
-        };
-        set_by_handle(ks, &handle, x);
-        handle
-    });
 
+    // hax-issue: can't use mutating map here
+    let psk_handle = state.server.psk_opt.clone();
+    let psk_handle = match psk_handle {
+        Some(bytes) => {
+            let handle = Handle {
+                alg: state.ciphersuite.hash,
+                name: PSK,
+                level: 0,
+            };
+            set_by_handle(ks, &handle, bytes);
+            Some(handle)
+        }
+        None => None,
+    };
+    
     let (ch_handle, sh_handle, ms_handle) = derive_hk_handles(
         &state.ciphersuite.hash,
         &shared_secret_handle,
diff --git a/src/tls13keyscheduler/key_schedule.rs b/src/tls13keyscheduler/key_schedule.rs
index e1b9a93..bd38de4 100644
--- a/src/tls13keyscheduler/key_schedule.rs
+++ b/src/tls13keyscheduler/key_schedule.rs
@@ -367,10 +367,10 @@ pub fn XPD<KS: KeySchedule<TLSnames>>(
         .get(n1.unwrap(), l, (h1.name, h1.alg, h1.level))
         .ok_or(INCORRECT_STATE)?;
 
-    let k: TagKey;
+    let k: TagKey = 
     if n == PSK {
         l = l + 1;
-        k = xpd(
+        xpd(
             &TagKey {
                 alg: h1.alg,
                 tag: h1.name,
@@ -378,10 +378,10 @@ pub fn XPD<KS: KeySchedule<TLSnames>>(
             },
             label,
             args,
-        )?;
+        )?
     } else {
         let d = KS::hash(args);
-        k = xpd(
+        xpd(
             &TagKey {
                 alg: h1.alg,
                 tag: h1.name,
@@ -389,8 +389,8 @@ pub fn XPD<KS: KeySchedule<TLSnames>>(
             },
             label,
             &d,
-        )?;
-    }
+        )?
+    };
     // let h =
     let _ = ks.set(n, l, (h.name, h.alg, h.level), k.val);
     // set(&mut self, name: N, level: u8, h: (N, HashAlgorithm, u8), hon: bool, k: (N, Key));