Upstream has a configure option, "--enable-blumenthal-aes", which enables the AES-192 and AES-256 algorithms. I believe this should be configurable via a package specific USE flag, since it is a draft feature. From the upstream `./configure --help`: --enable-blumenthal-aes Enable AES-192/AES-256 (Blumenthal draft) Reproducible: Always Steps to Reproduce: 1. Run `snmpwalk -v3` against an SNMP agent with AES-192 or AES-256 encryption Actual Results: "Timeout: No Response from (ip address)" or "Invalid privacy protocol specified after -3x flag: AES-256-C" if you run snmpwalk with `-x AES-256-C` set, which does work when `--enable-blumenthal-aes` is added to `configure` at build time. Expected Results: Normal output from snmpwalk. `AES-256-C` specifies the Cisco implementation of AES-256, but it is enabled by upstream when enabling the Blumenthal draft implementation as well.
Created attachment 837967 [details, diff] Ebuild patch to add the proposed package specific use flag.
Created attachment 837969 [details, diff] Metadata patch to add the proposed package specific use flag.