Currently, our AesGcm class always uses our own GCM implementation on macOS and never falls back to .NET's AesGcm or any third-party library. Our GCM implementation uses .NET's AesCryptoServiceProvider as the underlying AES implementation.
Originally, we did intend to make AesGcm fall back to .NET's AesGcm on macOS (if it was available and worked), but there seems to have been some kind of serious issue in .NET Core 3.1 and .NET 5.0 that made it impossible to detect .NET AesGcm's usability - any attempt to use it caused the whole application to crash (instead of just raising an exception).
We might change this in the future, but if we do, we would most likely add a way to specify which implementation to use.
(As a side note, AesGcm uses MS CNG API on Windows.)