- In srtp.c we have a method:

    static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf,
                                               srtp_prf_label label,
                                               uint8_t *key,
                                               unsigned int length)
    {
        srtp_err_status_t status;
        v128_t nonce;

        /* set eighth octet of nonce to <label>, set the rest of it to zero */
        v128_set_to_zero(&nonce);
        nonce.v8[7] = label;
        ...

In RFC 3711 section 4.3.1 it says the packet index is 48-bit ROC, i.e. 6 bytes. So for SRTP the method works fine by putting the label at position 7 (the salt is 14 bytes; the nonce has 16 byte positions; indexed from 0):

    |                  salt                   |
    |00|01|02|03|04|05|06|07|08|09|10|11|12|13|14|15|
                            |  index DIV kdr  |

For SRTCP, section 4.3.2 says: Replace the SRTP index by the 32-bit quantity: 0 || SRTCP index (= 4 bytes). Index DIV kdr for RTCP is 4 bytes. Therefore the label must be put at position 9 in the nonce value.

    |                  salt                   |
    |00|01|02|03|04|05|06|07|08|09|10|11|12|13|14|15|
                                  |indexDIVkdr|

Does this now imply that the libsrtp from Cisco contains a bug or is not fully RFC 3711 compliant? Has nobody run into problems with this issue in more than 20 years' time?
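
The two layouts drawn in the post, as an added example that is not part of the original post and is not libsrtp code: it builds the AES-CM input block from RFC 3711 section 4.3.1 (key_id = label || r, XORed right-aligned into the 14-byte salt, followed by two zero octets) with r either 6 or 4 octets wide, and reports where the label lands and how many octets of the block differ. The function names and the all-zero salt are assumptions constructed for illustration; 0x03 is the SRTCP encryption-key label from RFC 3711.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SALT_LEN 14   /* 112-bit master salt */
#define BLOCK_LEN 16  /* AES-CM input block */

/* Build x * 2^16 per RFC 3711 section 4.3.1: key_id = label || r is
 * right-aligned against the salt and XORed into it; the last two octets
 * stay zero for the block counter. r_len is the width of r in octets.
 * Returns the octet offset where the label landed, or -1 on bad input. */
int kdf_input_block(const uint8_t salt[SALT_LEN], uint8_t label,
                    uint64_t r, int r_len, uint8_t out[BLOCK_LEN])
{
    if (r_len < 1 || r_len > 8)
        return -1;
    if (r_len < 8 && (r >> (8 * r_len)) != 0)
        return -1;                    /* r does not fit in r_len octets */
    memset(out, 0, BLOCK_LEN);
    memcpy(out, salt, SALT_LEN);
    for (int i = 0; i < r_len; i++)   /* r, big-endian, ends at octet 13 */
        out[SALT_LEN - 1 - i] ^= (uint8_t)(r >> (8 * i));
    int label_pos = SALT_LEN - 1 - r_len;
    out[label_pos] ^= label;
    return label_pos;
}

/* Number of octets that differ between the 48-bit and 32-bit layouts. */
int layouts_differ(const uint8_t salt[SALT_LEN], uint8_t label, uint64_t r)
{
    uint8_t a[BLOCK_LEN], b[BLOCK_LEN];
    int n = 0;
    if (kdf_input_block(salt, label, r, 6, a) < 0 ||
        kdf_input_block(salt, label, r, 4, b) < 0)
        return -1;
    for (int i = 0; i < BLOCK_LEN; i++)
        n += (a[i] != b[i]);
    return n;
}

int main(void)
{
    uint8_t salt[SALT_LEN] = {0};     /* constructed all-zero salt */
    uint8_t x[BLOCK_LEN];
    printf("48-bit r: label at octet %d\n", kdf_input_block(salt, 0x03, 0, 6, x));
    printf("32-bit r: label at octet %d\n", kdf_input_block(salt, 0x03, 0, 4, x));
    printf("octets that differ: %d\n", layouts_differ(salt, 0x03, 0));
    return 0;
}
```

Because the label is XORed into a different salt octet in each layout, the two blocks differ for any salt, so two implementations that disagree on the width of r derive different session keys from the same master key and salt.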