diff --git a/library/ssl_tls13_invasive.h b/library/ssl_tls13_invasive.h
index 9f30c4aa0f..5a9d536b9e 100644
--- a/library/ssl_tls13_invasive.h
+++ b/library/ssl_tls13_invasive.h
@@ -28,6 +28,28 @@
 
 #if defined(MBEDTLS_PSA_CRYPTO_C)
 
+/**
+ *  \brief  Take the input keying material \p ikm and extract from it a
+ *          fixed-length pseudorandom key \p prk.
+ *
+ *  \param       alg       A hash function.
+ *  \param       salt      An optional salt value (a non-secret random value);
+ *                         if the salt is not provided, a string of all zeros
+ *                         of the length of the hash provided by \p alg is used
+ *                         as the salt.
+ *  \param       salt_len  The length in bytes of the optional \p salt.
+ *  \param       ikm       The input keying material.
+ *  \param       ikm_len   The length in bytes of \p ikm.
+ *  \param[out]  prk       A pseudorandom key of \p prk_len bytes.
+ *  \param       prk_size  Size of the \p prk buffer in bytes.
+ *  \param[out]  prk_len   On success, the length in bytes of the
+ *                         pseudorandom key in \p prk.
+ *
+ *  \return 0 on success.
+ *  \return #MBEDTLS_ERR_HKDF_BAD_INPUT_DATA when the parameters are invalid.
+ *  \return An PSA_ERROR_* error for errors returned from the underlying
+ *          PSA layer.
+ */
 psa_status_t mbedtls_psa_hkdf_extract( psa_algorithm_t alg,
                                        const unsigned char *salt, size_t salt_len,
                                        const unsigned char *ikm, size_t ikm_len,