2 files changed, 25 insertions, 0 deletions

diff --git a/test/captures/wireguard-ping-tcp-dsb.pcapng b/test/captures/wireguard-ping-tcp-dsb.pcapng
new file mode 100644
index 0000000000..d15790f395
--- /dev/null
+++ b/test/captures/wireguard-ping-tcp-dsb.pcapng
diff --git a/test/suite_decryption.py b/test/suite_decryption.py
index 68f189588a..06cca6367e 100644
--- a/test/suite_decryption.py
+++ b/test/suite_decryption.py
@@ -723,6 +723,31 @@ class case_decrypt_wireguard(subprocesstest.SubprocessTestCase):
         self.assertIn('17\t\t\t\t\t\t443', lines)
         self.assertIn('18\t\t\t\t\t\t49472', lines)
 
+    def test_decrypt_wg_full_initiator_dsb(self, run_wireguard_test):
+        """
+        Similar to test_decrypt_full_initiator, but using decryption keys
+        embedded in the pcapng file. The embedded secrets do not contain leading
+        spaces nor spaces around the '=' character.
+        """
+        lines = run_wireguard_test(self, [
+            '-Tfields',
+            '-e', 'frame.number',
+            '-e', 'wg.ephemeral.known_privkey',
+            '-e', 'wg.static',
+            '-e', 'wg.timestamp.nanoseconds',
+            '-e', 'wg.handshake_ok',
+            '-e', 'icmp.type',
+            '-e', 'tcp.dstport',
+        ], pcap_file='wireguard-ping-tcp-dsb.pcapng')
+        self.assertIn('1\t1\t%s\t%s\t\t\t' % (self.key_Spub_i, '356537872'), lines)
+        self.assertIn('2\t0\t\t\t1\t\t', lines)
+        self.assertIn('3\t\t\t\t\t8\t', lines)
+        self.assertIn('4\t\t\t\t\t0\t', lines)
+        self.assertIn('13\t1\t%s\t%s\t\t\t' % (self.key_Spub_i, '490514356'), lines)
+        self.assertIn('14\t0\t\t\t1\t\t', lines)
+        self.assertIn('17\t\t\t\t\t\t443', lines)
+        self.assertIn('18\t\t\t\t\t\t49472', lines)
+
     def test_decrypt_full_responder(self, run_wireguard_test):
         """Check for full handshake decryption using responder secrets."""
         lines = run_wireguard_test(self, [