Supporting Encrypted Content-Encoding in HttpClient - Replacing Bouncy Castle With .NET Core

More than three years ago I've written about supporting Encrypted Content-Encoding in HttpClient. Back then I've used Bouncy Castle for AES GCM encryption and decryption. It was a logical choice as Bouncy Castle was, and in many cases still is, the go-to library for many cryptographic algorithms and protocols. But time has passed and .NET has been growing. With the release of .NET Core 3.0, we have been given built-in support for AES GCM and I've decided to replace Bouncy Castle with it.

Encrypting

AES GCM encryption with Bouncy Castle has three steps: configuration, processing, and finalization. In the configuration step, one needs to provide key and nonce (I will not describe specifics of generating nonce according to Encrypted Content-Encoding specification here, as I did it in encoding post). The processing step is about feeding the configured cipher instance with plaintext bytes which results in filling ciphertext buffer. In the finalization step, the cipher will generate an authentication tag into the ciphertext buffer. The below code illustrates those steps.

internal class Aes128GcmCipher : IDisposable
{
    ...

    public int Encrypt(byte[] plainText, int plainTextLength, byte[] cipherTextBuffer, ulong recordSequenceNumber)
    {
        ConfigureAes128GcmCipher(_aes128GcmCipher, true, _key, _nonceInfoParameterHash, recordSequenceNumber);

        return Aes128GcmCipherProcessBytes(_aes128GcmCipher, plainText, plainTextLength, cipherTextBuffer);
    }

    private static void ConfigureAes128GcmCipher(GcmBlockCipher aes128GcmCipher, bool forEncryption,
        KeyParameter key, byte[] non