Like Olle said RTPEngine is perfectly capable of handling one leg in RTP the other in SRTP. When looking up RTPEngine's documentation, may be worth checking these out: 

e.g. try apply these flags to rtpengin_offer() on the incoming RTP leg, to get RTPEngine to add encryption to the outgoing leg etc.

Cheers,

Yufei