pion / srtp

A Go implementation of SRTP

Out-of-bounds access in DecryptRTCP

thinkski opened this issue

On line 14, out is truncated to length tailOffset:
https://github.com/pions/srtp/blob/bc58b55b1a0d101267701ae3ea00412cb77bc918/srtcp.go#L14

However, on line 21, access of out[tailOffset:] is attempted, which results in an out-of-bounds panic:
https://github.com/pions/srtp/blob/bc58b55b1a0d101267701ae3ea00412cb77bc918/srtcp.go#L21

Believe line 21 should be:

srtcpIndexBuffer := encrypted[tailOffset : tailOffset+srtcpIndexSize]

Oof nice catch @thinkski

It’s a bummer that none of the tests caught this. I will have to figure out why, I guess we only test unencrypted RTCP?

You up for opening a PR for this? I can grab instead if you are busy!
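An added example (not pion/srtp code and not written by anyone in the thread) of the Go slice behaviour behind this report. It contrasts slicing a buffer past the length it was truncated to with reading the index from `encrypted` as proposed, and goes slightly beyond the issue by showing that the faulty pattern panics only when the buffer's capacity is too small; with spare capacity it silently returns whatever the backing array holds. The constant values, helper names and sample packet are assumptions made for the illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Assumed sizes for this example; the issue only shows the name srtcpIndexSize.
const (
	srtcpIndexSize = 4
	authTagSize    = 10
)

// buggyIndex mirrors the reported pattern: out is truncated to tailOffset and
// then sliced past its own length. It reports whether that slice panicked.
func buggyIndex(out []byte, tailOffset int) (idx []byte, panicked bool) {
	defer func() {
		if recover() != nil {
			idx, panicked = nil, true
		}
	}()
	out = out[:tailOffset]
	return out[tailOffset : tailOffset+srtcpIndexSize], false
}

// fixedIndex reads the index from the untruncated input, as proposed in the
// issue, and checks the length first so a short packet yields an error.
func fixedIndex(encrypted []byte) ([]byte, error) {
	tailOffset := len(encrypted) - (authTagSize + srtcpIndexSize)
	if tailOffset < 0 {
		return nil, errors.New("packet too short for index and auth tag")
	}
	return encrypted[tailOffset : tailOffset+srtcpIndexSize], nil
}

// samplePacket is constructed data: 8 payload bytes, 4 index bytes, zeroed tag.
func samplePacket() []byte {
	pkt := append([]byte("payload!"), 0x80, 0x00, 0x00, 0x01)
	return append(pkt, make([]byte, authTagSize)...)
}

func main() {
	pkt := samplePacket()
	tail := len(pkt) - (authTagSize + srtcpIndexSize)
	_, p1 := buggyIndex(make([]byte, tail), tail)             // cap == tail: panics
	idx, p2 := buggyIndex(make([]byte, tail, len(pkt)), tail) // spare cap: zero bytes
	good, err := fixedIndex(pkt)
	fmt.Println(p1, idx, p2, good, err)
}
```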