If you have messages in your traces that describe the SPI/keys, you could write a dissector for those messages and call esp_sa_record_add_from_dissector() esp_sa_record_add_from_dissector() (see https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-ipsec.h).