According to RFC 6189, the support for ZRTP is indicated by a zrtp-hash attribute in SDP message. This attribute carries hash for ZRTP Hello message and can be used to authenticate said message.
This attributes also effectively eliminates MiTM attacks on ZRTP.
To implement this, I would keep the current implementation of ZRTP functional, but I would also add a new function to the API for starting ZRTP after the session has been created. The hash would then either be given as a parameter to that function, or probably better would be to do it via the configure_ctx function.
I would also consider what other features of ZRTP should be configurable while implementing this.
According to RFC 6189, the support for ZRTP is indicated by a zrtp-hash attribute in SDP message. This attribute carries hash for ZRTP Hello message and can be used to authenticate said message.
This attributes also effectively eliminates MiTM attacks on ZRTP.
To implement this, I would keep the current implementation of ZRTP functional, but I would also add a new function to the API for starting ZRTP after the session has been created. The hash would then either be given as a parameter to that function, or probably better would be to do it via the configure_ctx function.
I would also consider what other features of ZRTP should be configurable while implementing this.