server/: Expose and enhance the bulk-key-derivation protocol.

server/: Expose and enhance the bulk-key-derivation protocol.

  * Rename `struct rawkey' to `deriveargs', and document it;

  * make `ks_derivekey' private in `bulkcrypto.c', and rename it
    `derivekey';

  * make the various contributions to the derived keys be optional and
    handle them not existing sensibly; and

  * cope with the idea that a caller might only want incoming or
    outgoing keys, but not both.

This lays the groundwork for a separately usable public-key encryption
scheme based on the existing machinery, but this will come a bit later.