const GNUNET_HashCode * target);
+/**
+ * @brief Derive key
+ * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_...
+ * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_...
+ * @param xts salt
+ * @param xts_len length of xts
+ * @param skm source key material
+ * @param skm_len length of skm
+ * @param ctx context info
+ * @param ctx_len length of ctx
+ * @param out_len desired length of the derived key
+ * @param result buffer for the derived key, allocated by caller
+ * @return GNUNET_YES on success
+ */
+int
+GNUNET_CRYPTO_hkdf (int xtr_algo, int prf_algo, const void *xts,
+ const size_t xts_len, const void *skm, const size_t skm_len,
+ const void *ctx, const size_t ctx_len, const unsigned long long out_len,
+ void *result);
+
+
/**
* Create a new private key. Caller must free return value.
*
* files does not exist, create a new key and write it to the
* file. Caller must free return value. Note that this function
* can not guarantee that another process might not be trying
- * the same operation on the same file at the same time. The
- * caller must somehow know that the file either already exists
- * with a valid key OR be sure that no other process is calling
- * this function at the same time. If the contents of the file
+ * the same operation on the same file at the same time.
+ * If the contents of the file
* are invalid the old file is deleted and a fresh key is
* created.
*