Currently, our AesGcm
class always uses our own GCM implementation on macOS and never falls back to .NET's AesGcm
or any third-party library. Our GCM implementation uses .NET's AesCryptoServiceProvider
as the underlying AES implementation.
Originally, we did intend to make AesGcm
fall back to .NET's AesGcm
on macOS (if it was available and worked), but there seems to have been some kind of serious issue in .NET Core 3.1 and .NET 5.0 that made it impossible to detect .NET AesGcm
's usability - any attempt to use it caused the whole application to crash (instead of just raising an exception).
We might change this in the future, but if we do, we would most likely add a way to specify which implementation to use.
(As a side note, AesGcm uses MS CNG API on Windows.)