Anyone using net-mgmt/net-snmp on #FreeBSD with AES-256-C support? Or indeed, anything more than plain AES?
How can I confirm support is compiled in?
I ask because I can use these on snmpwalk:
    -x AES
    -x AES128
but not:
    -x AES193
    -x AES256
    -x AES256C
They give an error such as:
    Invalid privacy protocol specified after -3x flag: AES193
I ask because some newer gear uses AES-256 by default.
feld
in reply to Dan Langille
This looks like a bug in the port. So if you start looking at the configure script for net-snmp you'll find that those AES modes you want are only enabled if the following passes:
if test "x/usr/local/ssl" != x -a -d /usr/local/ssl; then
  if test -d /usr/local/ssl/lib; then
    LDFLAGS="-L/usr/local/ssl/lib $LDFLAGS"
  fi
  if test -d /usr/local/ssl/include; then
    CPPFLAGS="-I/usr/local/ssl/include $CPPFLAGS"
  fi
fi
which then sets tryopenssl=yes
If tryopenssl=yes, then it runs this loop:
if test "x$tryopenssl" = "xyes"; then
  for ac_header in openssl/aes.h openssl/evp.h
  do :
    as_ac_Header=`printf "%s\n" "ac_cv_header_$ac_header" | $as_tr_sh`
    ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
    if eval test \"x\$"$as_ac_Header"\" = x"yes"
    then :
      cat >>confdefs.h <<_ACEOF
#define `printf "%s\n" "HAVE_$ac_header" | $as_tr_cpp` 1
_ACEOF
      aes_capable=yes
    fi
  done
fi
and that appears to be what is required to enable those AES modes
but if you're building against OpenSSL in base (as you would be by default), this test is going to fail...
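To see why the gate described above fails when building against OpenSSL in base, here is an added example (not code from net-snmp, the port, or anyone in this thread) that replays the two quoted configure steps against a chosen prefix. The names `aes_gate` and `demo`, the `SYSINC` parameter, and the use of a file-existence test in place of the real compile check are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not net-snmp or FreeBSD ports code. It mirrors the two
# configure steps quoted above; a file-existence test stands in for the
# real compile check (ac_fn_c_check_header_compile).

# aes_gate PREFIX [SYSINC]
#   PREFIX: directory the first test looks at (/usr/local/ssl in the thread)
#   SYSINC: default compiler include dir (assumed /usr/include)
# Prints the two shell variables and returns 0 only if aes_capable=yes.
aes_gate() {
    prefix=$1
    sysinc=${2:-/usr/include}
    tryopenssl=no
    aes_capable=no

    # Step 1: tryopenssl is only set when the prefix directory exists.
    if test "x$prefix" != x -a -d "$prefix"; then
        tryopenssl=yes
    fi

    # Step 2: the header loop is skipped entirely unless tryopenssl=yes.
    if test "x$tryopenssl" = "xyes"; then
        for hdr in openssl/aes.h openssl/evp.h; do
            if test -f "$prefix/include/$hdr" || test -f "$sysinc/$hdr"; then
                aes_capable=yes
            fi
        done
    fi

    echo "tryopenssl=$tryopenssl aes_capable=$aes_capable"
    test "$aes_capable" = yes
}

# Constructed demo: headers exist only in a stand-in for base's include
# directory, first without and then with the prefix directory present.
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/base/include/openssl"
    touch "$root/base/include/openssl/aes.h" "$root/base/include/openssl/evp.h"
    echo "prefix missing: $(aes_gate "$root/ssl" "$root/base/include")"
    mkdir -p "$root/ssl"
    echo "prefix present: $(aes_gate "$root/ssl" "$root/base/include")"
    rm -rf "$root"
}

demo
```

On a real host, `aes_gate /usr/local/ssl` reports how the quoted logic would behave for that machine's layout.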
feld
in reply to Dan Langille
That's just the ./configure script in the port. It's actually bugged because it's reporting Encryption support for modes that are NOT actually enabled!
I have the fix. See screenshots attached. First is working build, second is unmodified port build.