The function srtp_stream_init_keys has been the cause of several bugs, the latest being #763 / #765. The code there uses heuristics to determine key lengths, but there should be no need, as this should be explicit for each cipher type.
Input key and salt length should be passed in to prevent reading out of bounds.
Key and Salt should be passed in separately.
RTCP & RTP share the kdf even though there is no check they are the same cipher.
The result of this function should be testable, as there exist test vectors in a lot of RFCs.
Any public API changes should be done before 3.0.
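An added example, not libsrtp code: a sketch of the explicit-length approach described above, checked against the intermediate "x*2^16" values in RFC 3711 Appendix B.3. The names `kdf_input_block` and `rfc3711_b3_check` are hypothetical. The sketch covers only construction of the AES-CM input block for the SRTP case (48-bit index) and stops before the AES step.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KDF_SALT_LEN  14 /* 112-bit master salt (RFC 3711, AES-CM KDF) */
#define KDF_BLOCK_LEN 16 /* AES block: x * 2^16 */

/* Hypothetical helper, not a libsrtp function. Builds the AES-CM input block
 * (salt XOR (label || index DIV kdr)) * 2^16 for the SRTP case (48-bit index).
 * Every buffer carries an explicit length; returns 0 on success, -1 otherwise. */
int kdf_input_block(const uint8_t *salt, size_t salt_len, uint8_t label,
                    uint64_t index_div_kdr, uint8_t *out, size_t out_len)
{
    if (salt == NULL || out == NULL)
        return -1;
    if (salt_len != KDF_SALT_LEN || out_len < KDF_BLOCK_LEN)
        return -1; /* reject instead of guessing a length */
    if (index_div_kdr >> 48)
        return -1; /* value does not fit the 48-bit field */

    memset(out, 0, KDF_BLOCK_LEN);   /* last two bytes stay zero: x * 2^16 */
    memcpy(out, salt, KDF_SALT_LEN);
    out[7] ^= label;                 /* label sits just above the 48-bit index */
    for (int i = 0; i < 6; i++)
        out[8 + i] ^= (uint8_t)(index_div_kdr >> (8 * (5 - i)));
    return 0;
}

/* RFC 3711 Appendix B.3 master salt, and byte 7 of the expected input block
 * for labels 0x00, 0x01 and 0x02 (all other bytes equal the salt, then 0000). */
static const uint8_t b3_salt[KDF_SALT_LEN] = {
    0x0E,0xC6,0x75,0xAD,0x49,0x8A,0xFE,0xEB,0xB6,0x96,0x0B,0x3A,0xAB,0xE6 };
static const uint8_t b3_byte7[3] = { 0xEB, 0xEA, 0xE9 };

/* Returns 0 when labels 0x00..0x02 reproduce the B.3 input blocks. */
int rfc3711_b3_check(void)
{
    uint8_t want[KDF_BLOCK_LEN], got[KDF_BLOCK_LEN];
    for (uint8_t label = 0; label < 3; label++) {
        memset(want, 0, sizeof want);
        memcpy(want, b3_salt, sizeof b3_salt);
        want[7] = b3_byte7[label];
        if (kdf_input_block(b3_salt, sizeof b3_salt, label, 0, got, sizeof got))
            return -1;
        if (memcmp(got, want, sizeof want) != 0)
            return -1;
    }
    return 0;
}
```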