diff --git a/src/libraries/Common/src/Interop/Windows/BCrypt/BCryptAeadHandleCache.cs b/src/libraries/Common/src/Interop/Windows/BCrypt/BCryptAeadHandleCache.cs
index 60941688533ba6..10333f03f775c0 100644
--- a/src/libraries/Common/src/Interop/Windows/BCrypt/BCryptAeadHandleCache.cs
+++ b/src/libraries/Common/src/Interop/Windows/BCrypt/BCryptAeadHandleCache.cs
@@ -10,15 +10,17 @@ namespace Internal.Cryptography
 {
     internal static class BCryptAeadHandleCache
     {
-        private static SafeAlgorithmHandle? s_aesCcm;
         private static SafeAlgorithmHandle? s_aesGcm;
+#if NET
+        private static SafeAlgorithmHandle? s_aesCcm;
         private static SafeAlgorithmHandle? s_chaCha20Poly1305;
 
-        internal static SafeAlgorithmHandle AesCcm => GetCachedAlgorithmHandle(ref s_aesCcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_CCM);
-        internal static SafeAlgorithmHandle AesGcm => GetCachedAlgorithmHandle(ref s_aesGcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_GCM);
-
         internal static bool IsChaCha20Poly1305Supported { get; } = OperatingSystem.IsWindowsVersionAtLeast(10, 0, 20142);
         internal static SafeAlgorithmHandle ChaCha20Poly1305 => GetCachedAlgorithmHandle(ref s_chaCha20Poly1305, Cng.BCRYPT_CHACHA20_POLY1305_ALGORITHM);
+        internal static SafeAlgorithmHandle AesCcm => GetCachedAlgorithmHandle(ref s_aesCcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_CCM);
+#endif
+
+        internal static SafeAlgorithmHandle AesGcm => GetCachedAlgorithmHandle(ref s_aesGcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_GCM);
 
         private static SafeAlgorithmHandle GetCachedAlgorithmHandle(ref SafeAlgorithmHandle? handle, string algId, string? chainingMode = null)
         {
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AeadCommon.Windows.cs b/src/libraries/Common/src/System/Security/Cryptography/AeadCommon.Windows.cs
similarity index 100%
rename from src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AeadCommon.Windows.cs
rename to src/libraries/Common/src/System/Security/Cryptography/AeadCommon.Windows.cs
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesAEAD.cs b/src/libraries/Common/src/System/Security/Cryptography/AesAEAD.cs
similarity index 57%
rename from src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesAEAD.cs
rename to src/libraries/Common/src/System/Security/Cryptography/AesAEAD.cs
index 26322fe82265a6..7d02a66b6d08f0 100644
--- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesAEAD.cs
+++ b/src/libraries/Common/src/System/Security/Cryptography/AesAEAD.cs
@@ -1,15 +1,13 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using Internal.Cryptography;
-
 namespace System.Security.Cryptography
 {
-    internal static partial class AesAEAD
+    internal static class AesAEAD
     {
-        public static void CheckKeySize(int keySizeInBytes)
+        internal static void CheckKeySize(int keySizeInBytes)
         {
-            if (keySizeInBytes != (128 / 8) && keySizeInBytes != (192 / 8) && keySizeInBytes != (256 / 8))
+            if (keySizeInBytes is not (128 / 8 or 192 / 8 or 256 / 8))
             {
                 throw new CryptographicException(SR.Cryptography_InvalidKeySize);
             }
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Windows.cs b/src/libraries/Common/src/System/Security/Cryptography/AesGcm.Windows.cs
similarity index 68%
rename from src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Windows.cs
rename to src/libraries/Common/src/System/Security/Cryptography/AesGcm.Windows.cs
index 305fccb16188e6..b6866563a07dbe 100644
--- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Windows.cs
+++ b/src/libraries/Common/src/System/Security/Cryptography/AesGcm.Windows.cs
@@ -4,43 +4,46 @@
 using System.Diagnostics.CodeAnalysis;
 using Internal.Cryptography;
 using Internal.NativeCrypto;
+using System.Runtime.InteropServices;
 
 namespace System.Security.Cryptography
 {
     public partial class AesGcm
     {
         private SafeKeyHandle _keyHandle;
+        private static readonly KeySizes s_tagByteSizes = new KeySizes(12, 16, 1);
 
-        public static bool IsSupported => true;
-        public static KeySizes TagByteSizes { get; } = new KeySizes(12, 16, 1);
+        public static partial bool IsSupported => true;
+
+        public static partial KeySizes TagByteSizes => s_tagByteSizes;
 
         [MemberNotNull(nameof(_keyHandle))]
-        private void ImportKey(ReadOnlySpan<byte> key)
+        private partial void ImportKey(ReadOnlySpan<byte> key)
         {
             _keyHandle = Interop.BCrypt.BCryptImportKey(BCryptAeadHandleCache.AesGcm, key);
         }
 
-        private void EncryptCore(
+        private partial void EncryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> plaintext,
             Span<byte> ciphertext,
             Span<byte> tag,
-            ReadOnlySpan<byte> associatedData = default)
+            ReadOnlySpan<byte> associatedData)
         {
             AeadCommon.Encrypt(_keyHandle, nonce, associatedData, plaintext, ciphertext, tag);
         }
 
-        private void DecryptCore(
+        private partial void DecryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> ciphertext,
             ReadOnlySpan<byte> tag,
             Span<byte> plaintext,
-            ReadOnlySpan<byte> associatedData = default)
+            ReadOnlySpan<byte> associatedData)
         {
             AeadCommon.Decrypt(_keyHandle, nonce, associatedData, ciphertext, tag, plaintext, clearPlaintextOnFailure: true);
         }
 
-        public void Dispose()
+        public partial void Dispose()
         {
             _keyHandle.Dispose();
         }
diff --git a/src/libraries/Common/src/System/Security/Cryptography/AesGcm.cs b/src/libraries/Common/src/System/Security/Cryptography/AesGcm.cs
new file mode 100644
index 00000000000000..c29307afd1aef4
--- /dev/null
+++ b/src/libraries/Common/src/System/Security/Cryptography/AesGcm.cs
@@ -0,0 +1,353 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using System.Diagnostics;
+using System.Runtime.Versioning;
+using Internal.Cryptography;
+
+namespace System.Security.Cryptography
+{
+    /// <summary>
+    /// Represents an Advanced Encryption Standard (AES) key to be used with the Galois/Counter Mode (GCM) mode of operation.
+    /// </summary>
+    public sealed partial class AesGcm : IDisposable
+    {
+        private const int NonceSize = 12;
+
+        /// <summary>
+        /// Gets the nonce sizes, in bytes, supported by this instance.
+        /// </summary>
+        /// <value>
+        /// The nonce sizes supported by this instance: 12 bytes (96 bits).
+        /// </value>
+        public static KeySizes NonceByteSizes { get; } = new KeySizes(NonceSize, NonceSize, 1);
+
+        /// <summary>
+        /// Gets the size of the tag, in bytes.
+        /// </summary>
+        /// <value>
+        /// The size of the tag that must be used for encryption or decryption, or <see langword="null" /> if the
+        /// tag size is unspecified.
+        /// </value>
+        public int? TagSizeInBytes { get; }
+
+        /// <summary>
+        /// Gets the tag sizes, in bytes, supported by this instance.
+        /// </summary>
+        /// <value>
+        /// The tag sizes supported by this instance: 12, 13, 14, 15, or 16 bytes (96, 104, 112, 120, or 128 bits).
+        /// </value>
+        public static partial KeySizes TagByteSizes { get; }
+
+        /// <summary>
+        /// Gets a value that indicates whether the algorithm is supported on the current platform.
+        /// </summary>
+        /// <value>
+        /// <see langword="true"/> if the algorithm is supported; otherwise, <see langword="false"/>.
+        /// </value>
+        public static partial bool IsSupported { get; }
+
+        /// <summary>
+        ///   Initializes a new instance of the <see cref="AesGcm" /> class with a provided key and required tag size.
+        /// </summary>
+        /// <param name="key">The secret key to use for this instance.</param>
+        /// <param name="tagSizeInBytes">The size of the tag, in bytes, that encryption and decryption must use.</param>
+        /// <exception cref="CryptographicException">
+        ///   The <paramref name="key" /> parameter length is other than 16, 24, or 32 bytes (128, 192, or 256 bits).
+        /// </exception>
+        /// <exception cref="ArgumentException">
+        ///   The <paramref name="tagSizeInBytes" /> parameter is an unsupported tag size indicated by
+        ///   <see cref="TagByteSizes" />.
+        /// </exception>
+        /// <exception cref="PlatformNotSupportedException">
+        ///   The current platform does not support AES-GCM.
+        /// </exception>
+        /// <remarks>
+        ///   The <paramref name="tagSizeInBytes" /> parameter is used to indicate that the tag parameter in <c>Encrypt</c>
+        ///   or <c>Decrypt</c> must be exactly this size. Indicating the required tag size prevents issues where callers
+        ///   of <c>Decrypt</c> may supply a tag as input and that input is truncated to an unexpected size.
+        /// </remarks>
+        public AesGcm(ReadOnlySpan<byte> key, int tagSizeInBytes)
+        {
+            ThrowIfNotSupported();
+
+            AesAEAD.CheckKeySize(key.Length);
+
+            if (!tagSizeInBytes.IsLegalSize(TagByteSizes))
+            {
+                throw new ArgumentException(SR.Cryptography_InvalidTagLength, nameof(tagSizeInBytes));
+            }
+
+            TagSizeInBytes = tagSizeInBytes;
+            ImportKey(key);
+        }
+
+        /// <summary>
+        ///   Initializes a new instance of the <see cref="AesGcm" /> class with a provided key and required tag size.
+        /// </summary>
+        /// <param name="key">The secret key to use for this instance.</param>
+        /// <param name="tagSizeInBytes">The size of the tag, in bytes, that encryption and decryption must use.</param>
+        /// <exception cref="ArgumentNullException">The <paramref name="key" /> parameter is null.</exception>
+        /// <exception cref="CryptographicException">
+        ///   The <paramref name="key" /> parameter length is other than 16, 24, or 32 bytes (128, 192, or 256 bits).
+        /// </exception>
+        /// <exception cref="ArgumentException">
+        ///   The <paramref name="tagSizeInBytes" /> parameter is an unsupported tag size indicated by
+        ///   <see cref="TagByteSizes" />.
+        /// </exception>
+        /// <exception cref="PlatformNotSupportedException">
+        ///   The current platform does not support AES-GCM.
+        /// </exception>
+        /// <remarks>
+        ///   The <paramref name="tagSizeInBytes" /> parameter is used to indicate that the tag parameter in <c>Encrypt</c>
+        ///   or <c>Decrypt</c> must be exactly this size. Indicating the required tag size prevents issues where callers
+        ///   of <c>Decrypt</c> may supply a tag as input and that input is truncated to an unexpected size.
+        /// </remarks>
+        public AesGcm(byte[] key, int tagSizeInBytes)
+            : this(new ReadOnlySpan<byte>(key ?? throw new ArgumentNullException(nameof(key))), tagSizeInBytes)
+        {
+        }
+
+        private partial void ImportKey(ReadOnlySpan<byte> key);
+
+        private partial void DecryptCore(
+            ReadOnlySpan<byte> nonce,
+            ReadOnlySpan<byte> ciphertext,
+            ReadOnlySpan<byte> tag,
+            Span<byte> plaintext,
+            ReadOnlySpan<byte> associatedData);
+
+        private partial void EncryptCore(
+            ReadOnlySpan<byte> nonce,
+            ReadOnlySpan<byte> plaintext,
+            Span<byte> ciphertext,
+            Span<byte> tag,
+            ReadOnlySpan<byte> associatedData);
+
+        /// <summary>
+        ///   Encrypts the plaintext into the ciphertext destination buffer and generates the authentication tag
+        ///   into a separate buffer.
+        /// </summary>
+        /// <param name="nonce">
+        ///   The nonce associated with this message, which should be a unique value for every operation with the
+        ///   same key.
+        /// </param>
+        /// <param name="plaintext">The content to encrypt.</param>
+        /// <param name="ciphertext">The byte array to receive the encrypted contents.</param>
+        /// <param name="tag">The byte array to receive the generated authentication tag.</param>
+        /// <param name="associatedData">
+        ///   Extra data associated with this message, which must also be provided during decryption.
+        /// </param>
+        /// <remarks>
+        ///   The security guarantees of the AES-GCM algorithm mode require that the same nonce value is never used
+        ///   twice with the same key.
+        /// </remarks>
+        /// <exception cref="ArgumentException">
+        ///   <para>The <paramref name="plaintext" /> parameter and the <paramref name="ciphertext" /> do not have the same length.</para>
+        ///   <para> -or- </para>
+        ///   <para>The <paramref name="nonce" /> parameter length is not permitted by <see cref="AesGcm.NonceByteSizes" />.</para>
+        ///   <para> -or- </para>
+        ///   <para>The <paramref name="tag" /> parameter length is not permitted by <see cref="AesGcm.TagByteSizes" />.</para>
+        /// </exception>
+        /// <exception cref="ArgumentNullException">
+        ///   The <paramref name="nonce" />, <paramref name="ciphertext" />, <paramref name="tag" />, or
+        ///   <paramref name="plaintext" /> parameter is <see langword="null" />.
+        /// </exception>
+        /// <exception cref="CryptographicException">The encryption operation failed.</exception>
+        public void Encrypt(byte[] nonce, byte[] plaintext, byte[] ciphertext, byte[] tag, byte[]? associatedData = null)
+        {
+#if NET
+            ArgumentNullException.ThrowIfNull(nonce);
+            ArgumentNullException.ThrowIfNull(plaintext);
+            ArgumentNullException.ThrowIfNull(ciphertext);
+            ArgumentNullException.ThrowIfNull(tag);
+#else
+            if (nonce is null)
+                throw new ArgumentNullException(nameof(nonce));
+
+            if (plaintext is null)
+                throw new ArgumentNullException(nameof(plaintext));
+
+            if (ciphertext is null)
+                throw new ArgumentNullException(nameof(ciphertext));
+
+            if (tag is null)
+                throw new ArgumentNullException(nameof(tag));
+#endif
+
+            Encrypt((ReadOnlySpan<byte>)nonce, plaintext, ciphertext, tag, associatedData);
+        }
+
+
+        /// <summary>
+        ///   Encrypts the plaintext into the ciphertext destination buffer and generates the authentication tag
+        ///   into a separate buffer.
+        /// </summary>
+        /// <param name="nonce">
+        ///   The nonce associated with this message, which should be a unique value for every operation with the
+        ///   same key.
+        /// </param>
+        /// <param name="plaintext">The content to encrypt.</param>
+        /// <param name="ciphertext">The byte array to receive the encrypted contents.</param>
+        /// <param name="tag">The byte array to receive the generated authentication tag.</param>
+        /// <param name="associatedData">
+        ///   Extra data associated with this message, which must also be provided during decryption.
+        /// </param>
+        /// <remarks>
+        ///   The security guarantees of the AES-GCM algorithm mode require that the same nonce value is never used
+        ///   twice with the same key.
+        /// </remarks>
+        /// <exception cref="ArgumentException">
+        ///   <para>The <paramref name="plaintext" /> parameter and the <paramref name="ciphertext" /> do not have the same length.</para>
+        ///   <para> -or- </para>
+        ///   <para>The <paramref name="nonce" /> parameter length is not permitted by <see cref="AesGcm.NonceByteSizes" />.</para>
+        ///   <para> -or- </para>
+        ///   <para>The <paramref name="tag" /> parameter length is not permitted by <see cref="AesGcm.TagByteSizes" />.</para>
+        /// </exception>
+        /// <exception cref="CryptographicException">The encryption operation failed.</exception>
+        public void Encrypt(
+            ReadOnlySpan<byte> nonce,
+            ReadOnlySpan<byte> plaintext,
+            Span<byte> ciphertext,
+            Span<byte> tag,
+            ReadOnlySpan<byte> associatedData = default)
+        {
+            CheckParameters(plaintext, ciphertext, nonce, tag);
+            EncryptCore(nonce, plaintext, ciphertext, tag, associatedData);
+        }
+
+        /// <summary>
+        ///   Decrypts the ciphertext into the provided destination buffer if the authentication tag can be validated.
+        /// </summary>
+        /// <param name="nonce">
+        ///   The nonce associated with this message, which must match the value provided during encryption
+        /// </param>
+        /// <param name="ciphertext">The encrypted content to decrypt.</param>
+        /// <param name="tag">The authentication tag produced for this message during encryption.</param>
+        /// <param name="plaintext">The byte array to receive the decrypted contents.</param>
+        /// <param name="associatedData">
+        ///   Extra data associated with this message, which must match the value provided during encryption
+        /// </param>
+        /// <remarks>
+        ///   If <c>tag</c> cannot be validated (using the key, <c>nonce</c>, <c>ciphertext</c>, and
+        ///   <c>associatedData</c> values), then <c>plaintext</c> is cleared.
+        /// </remarks>
+        /// <exception cref="ArgumentException">
+        ///   <para>The <paramref name="plaintext" /> parameter and the <paramref name="ciphertext" /> do not have the same length.</para>
+        ///   <para> -or- </para>
+        ///   <para>The <paramref name="nonce" /> parameter length is not permitted by <see cref="AesGcm.NonceByteSizes" />.</para>
+        ///   <para> -or- </para>
+        ///   <para>The <paramref name="tag" /> parameter length is not permitted by <see cref="AesGcm.TagByteSizes" />.</para>
+        /// </exception>
+        /// <exception cref="ArgumentNullException">
+        ///   The <paramref name="nonce" />, <paramref name="ciphertext" />, <paramref name="tag" />, or
+        ///   <paramref name="plaintext" /> parameter is <see langword="null" />.
+        /// </exception>
+        /// <exception cref="CryptographicException">
+        ///   The decryption operation failed. Prior to .NET 8, indicates the tag value could not be verified.
+        /// </exception>
+        /// <exception cref="AuthenticationTagMismatchException">The tag value could not be verified.</exception>
+        public void Decrypt(byte[] nonce, byte[] ciphertext, byte[] tag, byte[] plaintext, byte[]? associatedData = null)
+        {
+#if NET
+            ArgumentNullException.ThrowIfNull(nonce);
+            ArgumentNullException.ThrowIfNull(ciphertext);
+            ArgumentNullException.ThrowIfNull(tag);
+            ArgumentNullException.ThrowIfNull(plaintext);
+#else
+            if (nonce is null)
+                throw new ArgumentNullException(nameof(nonce));
+
+            if (ciphertext is null)
+                throw new ArgumentNullException(nameof(ciphertext));
+
+            if (tag is null)
+                throw new ArgumentNullException(nameof(tag));
+
+            if (plaintext is null)
+                throw new ArgumentNullException(nameof(plaintext));
+#endif
+
+            Decrypt((ReadOnlySpan<byte>)nonce, ciphertext, tag, plaintext, associatedData);
+        }
+
+        /// <summary>
+        ///   Decrypts the ciphertext into the provided destination buffer if the authentication tag can be validated.
+        /// </summary>
+        /// <param name="nonce">
+        ///   The nonce associated with this message, which must match the value provided during encryption
+        /// </param>
+        /// <param name="ciphertext">The encrypted content to decrypt.</param>
+        /// <param name="tag">The authentication tag produced for this message during encryption.</param>
+        /// <param name="plaintext">The byte span to receive the decrypted contents.</param>
+        /// <param name="associatedData">
+        ///   Extra data associated with this message, which must match the value provided during encryption
+        /// </param>
+        /// <remarks>
+        ///   If <c>tag</c> cannot be validated (using the key, <c>nonce</c>, <c>ciphertext</c>, and
+        ///   <c>associatedData</c> values), then <c>plaintext</c> is cleared.
+        /// </remarks>
+        /// <exception cref="ArgumentException">
+        ///   <para>The <paramref name="plaintext" /> parameter and the <paramref name="ciphertext" /> do not have the same length.</para>
+        ///   <para> -or- </para>
+        ///   <para>The <paramref name="nonce" /> parameter length is not permitted by <see cref="AesGcm.NonceByteSizes" />.</para>
+        ///   <para> -or- </para>
+        ///   <para>The <paramref name="tag" /> parameter length is not permitted by <see cref="AesGcm.TagByteSizes" />.</para>
+        /// </exception>
+        /// <exception cref="CryptographicException">
+        ///   The decryption operation failed. Prior to .NET 8, indicates the tag value could not be verified.
+        /// </exception>
+        /// <exception cref="AuthenticationTagMismatchException">The tag value could not be verified.</exception>
+        public void Decrypt(
+            ReadOnlySpan<byte> nonce,
+            ReadOnlySpan<byte> ciphertext,
+            ReadOnlySpan<byte> tag,
+            Span<byte> plaintext,
+            ReadOnlySpan<byte> associatedData = default)
+        {
+            CheckParameters(plaintext, ciphertext, nonce, tag);
+            DecryptCore(nonce, ciphertext, tag, plaintext, associatedData);
+        }
+
+        /// <summary>
+        /// Releases the resources used by the current instance of the <see cref="AesGcm"/> class.
+        /// </summary>
+        public partial void Dispose();
+
+        private void CheckParameters(
+            ReadOnlySpan<byte> plaintext,
+            ReadOnlySpan<byte> ciphertext,
+            ReadOnlySpan<byte> nonce,
+            ReadOnlySpan<byte> tag)
+        {
+            if (plaintext.Length != ciphertext.Length)
+                throw new ArgumentException(SR.Cryptography_PlaintextCiphertextLengthMismatch);
+
+            if (!nonce.Length.IsLegalSize(NonceByteSizes))
+                throw new ArgumentException(SR.Cryptography_InvalidNonceLength, nameof(nonce));
+
+            if (TagSizeInBytes is int tagSizeInBytes)
+            {
+                // constructor promise
+                Debug.Assert(tagSizeInBytes.IsLegalSize(TagByteSizes));
+
+                if (tag.Length != tagSizeInBytes)
+                {
+                    throw new ArgumentException(SR.Format(SR.Cryptography_IncorrectTagLength, tagSizeInBytes), nameof(tag));
+                }
+            }
+            else if (!tag.Length.IsLegalSize(TagByteSizes))
+            {
+                throw new ArgumentException(SR.Cryptography_InvalidTagLength, nameof(tag));
+            }
+        }
+
+        private static void ThrowIfNotSupported()
+        {
+            if (!IsSupported)
+            {
+                throw new PlatformNotSupportedException(SR.Format(SR.Cryptography_AlgorithmNotSupported, nameof(AesGcm)));
+            }
+        }
+    }
+}
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AuthenticationTagMismatchException.cs b/src/libraries/Common/src/System/Security/Cryptography/AuthenticationTagMismatchException.cs
similarity index 100%
rename from src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AuthenticationTagMismatchException.cs
rename to src/libraries/Common/src/System/Security/Cryptography/AuthenticationTagMismatchException.cs
diff --git a/src/libraries/System.Security.Cryptography/tests/AesGcmTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AesGcmTests.cs
similarity index 97%
rename from src/libraries/System.Security.Cryptography/tests/AesGcmTests.cs
rename to src/libraries/Common/tests/System/Security/Cryptography/AesGcmTests.cs
index d8fe8367106fc7..0bfe2677a0ef74 100644
--- a/src/libraries/System.Security.Cryptography/tests/AesGcmTests.cs
+++ b/src/libraries/Common/tests/System/Security/Cryptography/AesGcmTests.cs
@@ -18,15 +18,15 @@ public class AesGcmTests : CommonAEADTests
         public static void EncryptTamperAADDecrypt(int dataLength, int additionalDataLength)
         {
             byte[] additionalData = new byte[additionalDataLength];
-            RandomNumberGenerator.Fill(additionalData);
+            FillRandom(additionalData);
 
             byte[] plaintext = Enumerable.Range(1, dataLength).Select((x) => (byte)x).ToArray();
             byte[] ciphertext = new byte[dataLength];
             byte[] key = new byte[16];
             byte[] nonce = new byte[AesGcm.NonceByteSizes.MinSize];
             byte[] tag = new byte[AesGcm.TagByteSizes.MinSize];
-            RandomNumberGenerator.Fill(key);
-            RandomNumberGenerator.Fill(nonce);
+            FillRandom(key);
+            FillRandom(nonce);
 
             using (var aesGcm = new AesGcm(key, tag.Length))
             {
@@ -50,10 +50,12 @@ public static void EncryptTamperAADDecrypt(int dataLength, int additionalDataLen
         public static void InvalidKeyLength(int keyLength)
         {
             byte[] key = new byte[keyLength];
+#if NET
 #pragma warning disable SYSLIB0053
             Assert.Throws<CryptographicException>(() => new AesGcm(key));
             Assert.Throws<CryptographicException>(() => new AesGcm(key.AsSpan()));
 #pragma warning restore SYSLIB0053
+#endif
             Assert.Throws<CryptographicException>(() => new AesGcm(key, AesGcm.TagByteSizes.MinSize));
             Assert.Throws<CryptographicException>(() => new AesGcm(key.AsSpan(), AesGcm.TagByteSizes.MinSize));
         }
@@ -68,8 +70,8 @@ public static void InvalidNonceSize(int nonceSize)
             byte[] key = new byte[16];
             byte[] nonce = new byte[nonceSize];
             byte[] tag = new byte[AesGcm.TagByteSizes.MinSize];
-            RandomNumberGenerator.Fill(key);
-            RandomNumberGenerator.Fill(nonce);
+            FillRandom(key);
+            FillRandom(nonce);
 
             using (var aesGcm = new AesGcm(key, AesGcm.TagByteSizes.MinSize))
             {
@@ -87,8 +89,8 @@ public static void ValidNonceSize(int nonceSize)
             byte[] key = new byte[16];
             byte[] nonce = new byte[nonceSize];
             byte[] tag = new byte[AesGcm.TagByteSizes.MinSize];
-            RandomNumberGenerator.Fill(key);
-            RandomNumberGenerator.Fill(nonce);
+            FillRandom(key);
+            FillRandom(nonce);
 
             using (var aesGcm = new AesGcm(key, AesGcm.TagByteSizes.MinSize))
             {
@@ -100,6 +102,7 @@ public static void ValidNonceSize(int nonceSize)
             }
         }
 
+#if NET
         [Theory]
         [MemberData(nameof(GetInvalidTagSizes))]
         public static void InvalidTagSizeForUnspecifiedRequiredTag(int tagSize)
@@ -110,8 +113,8 @@ public static void InvalidTagSizeForUnspecifiedRequiredTag(int tagSize)
             byte[] key = new byte[16];
             byte[] nonce = new byte[12];
             byte[] tag = new byte[tagSize];
-            RandomNumberGenerator.Fill(key);
-            RandomNumberGenerator.Fill(nonce);
+            FillRandom(key);
+            FillRandom(nonce);
 
 #pragma warning disable SYSLIB0053
             using (var aesGcm = new AesGcm(key))
@@ -121,6 +124,7 @@ public static void InvalidTagSizeForUnspecifiedRequiredTag(int tagSize)
                 Assert.Throws<ArgumentException>("tag", () => aesGcm.Decrypt(nonce, ciphertext, tag, plaintext));
             }
         }
+#endif
 
         [Theory]
         [MemberData(nameof(GetInvalidTagSizes))]
@@ -141,8 +145,8 @@ public static void ValidTagSize(int tagSize)
             byte[] key = new byte[16];
             byte[] nonce = new byte[12];
             byte[] tag = new byte[tagSize];
-            RandomNumberGenerator.Fill(key);
-            RandomNumberGenerator.Fill(nonce);
+            FillRandom(key);
+            FillRandom(nonce);
 
             using (var aesGcm = new AesGcm(key, tagSize))
             {
@@ -254,9 +258,11 @@ public static void PlaintextAndCiphertextSizeDiffer(int ptLen, int ctLen)
         [Fact]
         public static void NullKey()
         {
+#if NET
 #pragma warning disable SYSLIB0053
             Assert.Throws<ArgumentNullException>(() => new AesGcm((byte[])null));
 #pragma warning restore SYSLIB0053
+#endif
             Assert.Throws<ArgumentNullException>(() => new AesGcm((byte[])null, AesGcm.TagByteSizes.MinSize));
         }
 
@@ -328,7 +334,7 @@ public static void InplaceEncryptDecrypt()
             byte[] originalPlaintext = new byte[] { 1, 2, 8, 12, 16, 99, 0 };
             byte[] data = (byte[])originalPlaintext.Clone();
             byte[] tag = new byte[16];
-            RandomNumberGenerator.Fill(nonce);
+            FillRandom(nonce);
 
             using (var aesGcm = new AesGcm(key, tag.Length))
             {
@@ -348,7 +354,7 @@ public static void InplaceEncryptTamperTagDecrypt()
             byte[] originalPlaintext = new byte[] { 1, 2, 8, 12, 16, 99, 0 };
             byte[] data = (byte[])originalPlaintext.Clone();
             byte[] tag = new byte[16];
-            RandomNumberGenerator.Fill(nonce);
+            FillRandom(nonce);
 
             using (var aesGcm = new AesGcm(key, tag.Length))
             {
@@ -363,6 +369,7 @@ public static void InplaceEncryptTamperTagDecrypt()
             }
         }
 
+#if NET
         [Theory]
         [MemberData(nameof(GetNistGcmTestCases))]
         public static void AesGcmNistTestsUnspecifiedTagSize(AEADTest testCase)
@@ -398,6 +405,7 @@ public static void AesGcmNistTestsUnspecifiedTagSize(AEADTest testCase)
                 }
             }
         }
+#endif
 
         [Theory]
         [MemberData(nameof(GetNistGcmTestCases))]
@@ -445,7 +453,7 @@ public static void AesGcmNistTestsTamperTag(AEADTest testCase)
                 tag[0] ^= 1;
 
                 byte[] plaintext = new byte[testCase.Plaintext.Length];
-                RandomNumberGenerator.Fill(plaintext);
+                FillRandom(plaintext);
                 Assert.Throws<AuthenticationTagMismatchException>(
                     () => aesGcm.Decrypt(testCase.Nonce, ciphertext, tag, plaintext, testCase.AssociatedData));
                 Assert.Equal(new byte[plaintext.Length], plaintext);
@@ -471,7 +479,9 @@ public static void AesGcmNistTestsTamperCiphertext(AEADTest testCase)
 
                 ciphertext[0] ^= 1;
 
-                byte[] plaintext = RandomNumberGenerator.GetBytes(testCase.Plaintext.Length);
+                byte[] plaintext = new byte[testCase.Plaintext.Length];
+                FillRandom(plaintext);
+
                 Assert.Throws<AuthenticationTagMismatchException>(
                     () => aesGcm.Decrypt(testCase.Nonce, ciphertext, tag, plaintext, testCase.AssociatedData));
                 AssertExtensions.FilledWith<byte>(0, plaintext);
@@ -962,6 +972,20 @@ private static IEnumerable<AEADTest> GetNistTests()
                 Tag = "4ce8aff15debc1b23c50665b9c".HexToByteArray(),
             },
         };
+
+        private static void FillRandom(Span<byte> destination)
+        {
+#if NET
+            RandomNumberGenerator.Fill(destination);
+#else
+            using (RandomNumberGenerator generator = RandomNumberGenerator.Create())
+            {
+                byte[] bytes = new byte[destination.Length];
+                generator.GetBytes(bytes);
+                bytes.AsSpan().CopyTo(destination);
+            }
+#endif
+        }
     }
 
     public class AesGcmIsSupportedTests
@@ -971,12 +995,24 @@ public class AesGcmIsSupportedTests
         [ConditionalFact(nameof(RuntimeSaysIsNotSupported))]
         public static void CtorThrowsPNSEIfNotSupported()
         {
-            byte[] key = RandomNumberGenerator.GetBytes(256 / 8);
+            byte[] key;
+#if NET
+            key = RandomNumberGenerator.GetBytes(256 / 8);
+#else
+            key = new byte[256 / 8];
+
+            using (RandomNumberGenerator generator = RandomNumberGenerator.Create())
+            {
+                generator.GetBytes(key);
+            }
+#endif
 
+#if NET
 #pragma warning disable SYSLIB0053
             Assert.Throws<PlatformNotSupportedException>(() => new AesGcm(key));
             Assert.Throws<PlatformNotSupportedException>(() => new AesGcm(key.AsSpan()));
 #pragma warning restore SYSLIB0053
+#endif
 
             Assert.Throws<PlatformNotSupportedException>(() => new AesGcm(key, AesGcm.TagByteSizes.MinSize));
             Assert.Throws<PlatformNotSupportedException>(() => new AesGcm(key.AsSpan(), AesGcm.TagByteSizes.MinSize));
diff --git a/src/libraries/System.Security.Cryptography/tests/CommonAEADTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/CommonAEADTests.cs
similarity index 100%
rename from src/libraries/System.Security.Cryptography/tests/CommonAEADTests.cs
rename to src/libraries/Common/tests/System/Security/Cryptography/CommonAEADTests.cs
diff --git a/src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.Forwards.cs b/src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.Forwards.cs
index b7cb4dae61d56a..198e623ef8709d 100644
--- a/src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.Forwards.cs
+++ b/src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.Forwards.cs
@@ -2,6 +2,8 @@
 // The .NET Foundation licenses this file to you under the MIT license.
 
 #if NET8_0_OR_GREATER
+[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.AesGcm))]
+[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.AuthenticationTagMismatchException))]
 [assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.SP800108HmacCounterKdf))]
 #endif
 #if NET9_0_OR_GREATER
diff --git a/src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.csproj b/src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.csproj
index 85bc820fa08289..973f529be3106f 100644
--- a/src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.csproj
+++ b/src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.csproj
@@ -14,7 +14,7 @@
     <BuildX509Loader Condition="!$([MSBuild]::IsTargetFrameworkCompatible('$(TargetFramework)', 'net9.0'))">true</BuildX509Loader>
     <OmitResources Condition="'$(BuildX509Loader)' != 'true'">true</OmitResources>
   </PropertyGroup>
- 
+
   <Import Project="$(CommonPath)System\Security\Cryptography\Asn1\AsnXml.targets" Condition="'$(BuildX509Loader)' == 'true'" />
   <Import Project="$(CommonPath)System\Security\Cryptography\Asn1Reader\System.Security.Cryptography.Asn1Reader.Shared.projitems" Condition="'$(BuildX509Loader)' == 'true'" />
 
@@ -136,13 +136,13 @@
       <Link>Common\System\Security\Cryptography\Asn1\Pbkdf2SaltChoice.xml.cs</Link>
       <DependentUpon>Common\System\Security\Cryptography\Asn1\Pbkdf2SaltChoice.xml</DependentUpon>
     </Compile>
-   <AsnXml Include="$(CommonPath)System\Security\Cryptography\Asn1\PrivateKeyInfoAsn.xml">
+    <AsnXml Include="$(CommonPath)System\Security\Cryptography\Asn1\PrivateKeyInfoAsn.xml">
       <Link>Common\System\Security\Cryptography\Asn1\PrivateKeyInfoAsn.xml</Link>
     </AsnXml>
     <Compile Include="$(CommonPath)System\Security\Cryptography\Asn1\PrivateKeyInfoAsn.xml.cs">
       <Link>Common\System\Security\Cryptography\Asn1\PrivateKeyInfoAsn.xml.cs</Link>
       <DependentUpon>Common\System\Security\Cryptography\Asn1\PrivateKeyInfoAsn.xml</DependentUpon>
-    </Compile> 
+    </Compile>
     <AsnXml Include="$(CommonPath)System\Security\Cryptography\Asn1\Rc2CbcParameters.xml">
       <Link>Common\System\Security\Cryptography\Asn1\Rc2CbcParameters.xml</Link>
     </AsnXml>
@@ -255,7 +255,7 @@
     <Compile Include="$(CommonPath)Interop\Windows\Crypt32\Interop.ContentType.cs"
              Link="Common\Interop\Windows\Crypt32\Interop.ContentType.cs" />
     <Compile Include="$(CommonPath)Interop\Windows\Crypt32\Interop.CryptQueryObject_IntPtr_out.cs"
-             Link="Common\Interop\Windows\Crypt32\Interop.CryptQueryObject_IntPtr_out.cs" /> 
+             Link="Common\Interop\Windows\Crypt32\Interop.CryptQueryObject_IntPtr_out.cs" />
     <Compile Include="$(CommonPath)Interop\Windows\Crypt32\Interop.DATA_BLOB.cs"
              Link="Common\Interop\Windows\Crypt32\Interop.DATA_BLOB.cs" />
     <Compile Include="$(CommonPath)Interop\Windows\Crypt32\Interop.ExpectedContentTypeFlags.cs"
@@ -295,6 +295,31 @@
     <ProjectReference Include="$(LibrariesProjectRoot)System.Formats.Asn1\src\System.Formats.Asn1.csproj" />
   </ItemGroup>
 
+  <ItemGroup Condition="'$(TargetFrameworkIdentifier)' == '.NETFramework'">
+    <Compile Include="$(CommonPath)Interop\Windows\BCrypt\BCryptAeadHandleCache.cs"
+             Link="Common\Interop\Windows\BCrypt\BCryptAeadHandleCache.cs" />
+    <Compile Include="$(CommonPath)Interop\Windows\BCrypt\Cng.cs"
+             Link="Common\Interop\Windows\BCrypt\Cng.cs" />
+    <Compile Include="$(CommonPath)\Interop\Windows\BCrypt\Interop.BCryptEncryptDecrypt.cs"
+             Link="Common\Interop\Windows\BCrypt\Interop.BCryptEncryptDecrypt.cs" />
+    <Compile Include="$(CommonPath)\Interop\Windows\BCrypt\Interop.BCryptImportKey.cs"
+             Link="Common\Interop\Windows\BCrypt\Interop.BCryptImportKey.cs" />
+    <Compile Include="$(CommonPath)Interop\Windows\BCrypt\Interop.BCryptPropertyStrings.cs"
+             Link="Common\Interop\Windows\BCrypt\Interop.BCryptPropertyStrings.cs" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AeadCommon.Windows.cs"
+             Link="Common\System\Security\Cryptography\AeadCommon.Windows" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AesGcm.cs"
+             Link="Common\System\Security\Cryptography\AesGcm.cs" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AesGcm.Windows.cs"
+             Link="Common\System\Security\Cryptography\AesGcm.Windows.cs" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AesAEAD.cs"
+             Link="Common\System\Security\Cryptography\AesAEAD.cs" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AuthenticationTagMismatchException.cs"
+             Link="Common\System\Security\Cryptography\AuthenticationTagMismatchException.cs" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\KeySizeHelpers.cs"
+             Link="Common\System\Security\Cryptography\KeySizeHelpers.cs" />
+  </ItemGroup>
+
   <ItemGroup Condition="'$(TargetFrameworkIdentifier)' != '.NETCoreApp'">
     <PackageReference Include="System.Memory" Version="$(SystemMemoryVersion)" />
     <PackageReference Include="System.Runtime.CompilerServices.Unsafe" Version="$(SystemRuntimeCompilerServicesUnsafeVersion)" />
diff --git a/src/libraries/Microsoft.Bcl.Cryptography/src/PACKAGE.md b/src/libraries/Microsoft.Bcl.Cryptography/src/PACKAGE.md
index 215d29e162c4b6..ebbb68160c47de 100644
--- a/src/libraries/Microsoft.Bcl.Cryptography/src/PACKAGE.md
+++ b/src/libraries/Microsoft.Bcl.Cryptography/src/PACKAGE.md
@@ -28,7 +28,9 @@ internal static class Program
 
 The main types provided by this library are:
 
+* `System.Security.Cryptography.AesGcm`
 * `System.Security.Cryptography.SP800108HmacCounterKdf`
+* `System.Security.Cryptography.X509Certificates.X509CertificateLoader`
 
 ## Additional Documentation
 
diff --git a/src/libraries/Microsoft.Bcl.Cryptography/src/Resources/Strings.resx b/src/libraries/Microsoft.Bcl.Cryptography/src/Resources/Strings.resx
index 02e47cb969f047..0a9c247f690c41 100644
--- a/src/libraries/Microsoft.Bcl.Cryptography/src/Resources/Strings.resx
+++ b/src/libraries/Microsoft.Bcl.Cryptography/src/Resources/Strings.resx
@@ -84,12 +84,27 @@
   <data name="Cryptography_AlgorithmNotSupported" xml:space="preserve">
     <value>Algorithm '{0}' is not supported on this platform.</value>
   </data>
+  <data name="Cryptography_AuthTagMismatch" xml:space="preserve">
+    <value>The computed authentication tag did not match the input authentication tag.</value>
+  </data>
   <data name="Cryptography_Der_Invalid_Encoding" xml:space="preserve">
     <value>ASN1 corrupted data.</value>
   </data>
   <data name="Cryptography_HashAlgorithmNameNullOrEmpty" xml:space="preserve">
     <value>The hash algorithm name cannot be null or empty.</value>
   </data>
+  <data name="Cryptography_IncorrectTagLength" xml:space="preserve">
+    <value>The size of the specified tag does not match the expected size of {0}.</value>
+  </data>
+  <data name="Cryptography_InvalidKeySize" xml:space="preserve">
+    <value>Specified key is not a valid size for this algorithm.</value>
+  </data>
+  <data name="Cryptography_InvalidTagLength" xml:space="preserve">
+    <value>The specified tag is not a valid size for this algorithm.</value>
+  </data>
+  <data name="Cryptography_InvalidNonceLength" xml:space="preserve">
+    <value>The specified nonce is not a valid size for this algorithm.</value>
+  </data>
   <data name="Cryptography_NotValidPublicOrPrivateKey" xml:space="preserve">
     <value>Key is not a valid public or private key.</value>
   </data>
@@ -102,6 +117,9 @@
   <data name="Cryptography_Pkcs8_EncryptedReadFailed" xml:space="preserve">
     <value>The EncryptedPrivateKeyInfo structure was decoded but was not successfully interpreted, the password may be incorrect.</value>
   </data>
+  <data name="Cryptography_PlaintextCiphertextLengthMismatch" xml:space="preserve">
+    <value>Plaintext and ciphertext must have the same length.</value>
+  </data>
   <data name="Cryptography_UnknownAlgorithmIdentifier" xml:space="preserve">
     <value>The algorithm identified by '{0}' is unknown, not valid for the requested usage, or was not handled.</value>
   </data>
diff --git a/src/libraries/Microsoft.Bcl.Cryptography/src/System/Security/Cryptography/Helpers.cs b/src/libraries/Microsoft.Bcl.Cryptography/src/System/Security/Cryptography/Helpers.cs
index 0d2af61b8d6347..c51de135ddd9b4 100644
--- a/src/libraries/Microsoft.Bcl.Cryptography/src/System/Security/Cryptography/Helpers.cs
+++ b/src/libraries/Microsoft.Bcl.Cryptography/src/System/Security/Cryptography/Helpers.cs
@@ -5,11 +5,27 @@
 using System.Diagnostics;
 using System.Formats.Asn1;
 using System.Security.Cryptography;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
 
 namespace Internal.Cryptography
 {
     internal static partial class Helpers
     {
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        internal static unsafe ref readonly byte GetNonNullPinnableReference(ReadOnlySpan<byte> buffer)
+        {
+            // Based on the internal implementation from MemoryMarshal.
+            return ref buffer.Length != 0 ? ref MemoryMarshal.GetReference(buffer) : ref Unsafe.AsRef<byte>((void*)1);
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        internal static unsafe ref byte GetNonNullPinnableReference(Span<byte> buffer)
+        {
+            // Based on the internal implementation from MemoryMarshal.
+            return ref buffer.Length != 0 ? ref MemoryMarshal.GetReference(buffer) : ref Unsafe.AsRef<byte>((void*)1);
+        }
+
         internal static ReadOnlyMemory<byte> DecodeOctetStringAsMemory(ReadOnlyMemory<byte> encodedOctetString)
         {
             try
diff --git a/src/libraries/Microsoft.Bcl.Cryptography/tests/Microsoft.Bcl.Cryptography.Tests.csproj b/src/libraries/Microsoft.Bcl.Cryptography/tests/Microsoft.Bcl.Cryptography.Tests.csproj
index be85e50d295cbd..1c47527480b27a 100644
--- a/src/libraries/Microsoft.Bcl.Cryptography/tests/Microsoft.Bcl.Cryptography.Tests.csproj
+++ b/src/libraries/Microsoft.Bcl.Cryptography/tests/Microsoft.Bcl.Cryptography.Tests.csproj
@@ -5,11 +5,15 @@
   </PropertyGroup>
   <ItemGroup>
     <Compile Include="$(CommonPath)System\IO\MemoryMappedFiles\MemoryMappedFileMemoryManager.cs"
-             Link="Common\System\IO\MemoryMappedFiles\MemoryMappedFileMemoryManager.cs" /> 
+             Link="Common\System\IO\MemoryMappedFiles\MemoryMappedFileMemoryManager.cs" />
     <Compile Include="$(CommonPath)System\Memory\PointerMemoryManager.cs"
              Link="Common\System\Memory\PointerMemoryManager.cs" />
+    <Compile Include="$(CommonTestPath)System\Security\Cryptography\AesGcmTests.cs"
+             Link="CommonTest\System\Security\Cryptography\AesGcmTests.cs" />
     <Compile Include="$(CommonTestPath)System\Security\Cryptography\ByteUtils.cs"
              Link="CommonTest\System\Security\Cryptography\ByteUtils.cs" />
+    <Compile Include="$(CommonTestPath)System\Security\Cryptography\CommonAEADTests.cs"
+             Link="CommonTest\System\Security\Cryptography\CommonAEADTests.cs" />
     <Compile Include="$(CommonTestPath)System\Security\Cryptography\PlatformSupport.cs"
              Link="CommonTest\System\Security\Cryptography\PlatformSupport.cs" />
     <Compile Include="$(CommonTestPath)System\Security\Cryptography\CngKeyWrapper.cs"
diff --git a/src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj b/src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj
index 742c07dbcbfd4c..b4282bcb56dad0 100644
--- a/src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj
+++ b/src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj
@@ -298,6 +298,12 @@
       <Link>Common\System\Security\Cryptography\Asn1\Pkcs7\EncryptedDataAsn.xml.cs</Link>
       <DependentUpon>Common\System\Security\Cryptography\Asn1\Pkcs7\EncryptedDataAsn.xml</DependentUpon>
     </Compile>
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AesGcm.cs"
+             Link="Common\System\Security\Cryptography\AesGcm.cs" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AesAEAD.cs"
+             Link="Common\System\Security\Cryptography\AesAEAD.cs" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AuthenticationTagMismatchException.cs"
+             Link="Common\System\Security\Cryptography\AuthenticationTagMismatchException.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\CryptographicAttributeObject.cs"
              Link="Common\System\Security\Cryptography\CryptographicAttributeObject.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\CryptographicAttributeObjectCollection.cs"
@@ -388,7 +394,6 @@
              Link="Common\System\Text\ValueStringBuilder.cs" />
     <Compile Include="Microsoft\Win32\SafeHandles\SafePasswordHandle.cs" />
     <Compile Include="System\Security\Cryptography\Aes.cs" />
-    <Compile Include="System\Security\Cryptography\AesAEAD.cs" />
     <Compile Include="System\Security\Cryptography\AesCcm.cs" />
     <Compile Include="System\Security\Cryptography\AesCryptoServiceProvider.cs" />
     <Compile Include="System\Security\Cryptography\AesGcm.cs" />
@@ -404,7 +409,6 @@
     <Compile Include="System\Security\Cryptography\AsymmetricKeyExchangeFormatter.cs" />
     <Compile Include="System\Security\Cryptography\AsymmetricSignatureDeformatter.cs" />
     <Compile Include="System\Security\Cryptography\AsymmetricSignatureFormatter.cs" />
-    <Compile Include="System\Security\Cryptography\AuthenticationTagMismatchException.cs" />
     <Compile Include="System\Security\Cryptography\Base64Transforms.cs" />
     <Compile Include="System\Security\Cryptography\BasicSymmetricCipher.cs" />
     <Compile Include="System\Security\Cryptography\ChaCha20Poly1305.cs" />
@@ -1704,6 +1708,10 @@
              Link="Common\Microsoft\Win32\SafeHandles\SafeCryptMsgHandle.cs" />
     <Compile Include="$(CommonPath)Microsoft\Win32\SafeHandles\SafeUnicodeStringHandle.cs"
              Link="Microsoft\Win32\SafeHandles\SafeUnicodeStringHandle.cs" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AeadCommon.Windows.cs"
+             Link="Common\System\Security\Cryptography\AeadCommon.Windows" />
+    <Compile Include="$(CommonPath)System\Security\Cryptography\AesGcm.Windows.cs"
+             Link="Common\System\Security\Cryptography\AesGcm.Windows.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\CngPkcs8.cs"
              Link="Common\System\Security\Cryptography\CngPkcs8.cs" />
     <Compile Include="$(CommonPath)System\Security\Cryptography\CryptoThrowHelper.Windows.cs"
@@ -1741,10 +1749,8 @@
     <Compile Include="$(CommonPath)System\Security\Cryptography\SP800108HmacCounterKdfImplementationManaged.cs"
              Link="Common\System\Security\Cryptography\SP800108HmacCounterKdfImplementationManaged.cs" />
     <Compile Include="Microsoft\Win32\SafeHandles\NCryptSafeHandles.cs" />
-    <Compile Include="System\Security\Cryptography\AeadCommon.Windows.cs" />
     <Compile Include="System\Security\Cryptography\AesCcm.Windows.cs" />
     <Compile Include="System\Security\Cryptography\AesCng.Windows.cs" />
-    <Compile Include="System\Security\Cryptography\AesGcm.Windows.cs" />
     <Compile Include="System\Security\Cryptography\AesImplementation.Windows.cs" />
     <Compile Include="System\Security\Cryptography\AsnFormatter.Windows.cs" />
     <Compile Include="System\Security\Cryptography\BasicSymmetricCipherCsp.cs" />
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Android.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Android.cs
index 4b66635d3757f2..551ef7e32ca1ff 100644
--- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Android.cs
+++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Android.cs
@@ -10,12 +10,13 @@ namespace System.Security.Cryptography
     public sealed partial class AesGcm
     {
         private SafeEvpCipherCtxHandle _ctxHandle;
+        private static readonly KeySizes s_tagByteSizes = new KeySizes(12, 16, 1);
 
-        public static bool IsSupported => true;
-        public static KeySizes TagByteSizes { get; } = new KeySizes(12, 16, 1);
+        public static partial bool IsSupported => true;
+        public static partial KeySizes TagByteSizes => s_tagByteSizes;
 
         [MemberNotNull(nameof(_ctxHandle))]
-        private void ImportKey(ReadOnlySpan<byte> key)
+        private partial void ImportKey(ReadOnlySpan<byte> key)
         {
             // Convert key length to bits.
             _ctxHandle = Interop.Crypto.EvpCipherCreatePartial(GetCipher(key.Length * 8));
@@ -29,12 +30,12 @@ private void ImportKey(ReadOnlySpan<byte> key)
             Interop.Crypto.CipherSetNonceLength(_ctxHandle, NonceSize);
         }
 
-        private void EncryptCore(
+        private partial void EncryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> plaintext,
             Span<byte> ciphertext,
             Span<byte> tag,
-            ReadOnlySpan<byte> associatedData = default)
+            ReadOnlySpan<byte> associatedData)
         {
 
             if (!Interop.Crypto.CipherSetTagLength(_ctxHandle, tag.Length))
@@ -107,7 +108,7 @@ private void EncryptCore(
             }
         }
 
-        private void DecryptCore(
+        private partial void DecryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> ciphertext,
             ReadOnlySpan<byte> tag,
@@ -180,7 +181,7 @@ private static IntPtr GetCipher(int keySizeInBits)
             };
         }
 
-        public void Dispose()
+        public partial void Dispose()
         {
             _ctxHandle.Dispose();
         }
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Apple.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Apple.cs
index d09e55eafb89eb..b2621493ae2ec4 100644
--- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Apple.cs
+++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.Apple.cs
@@ -11,21 +11,27 @@ public sealed partial class AesGcm
     {
         private FixedMemoryKeyBox _keyBox;
 
+        // CryptoKit only supports 16 byte tags.
+        private static readonly KeySizes s_tagByteSizes = new KeySizes(16, 16, 1);
+
         // CryptoKit added AES.GCM in macOS 10.15, which is lower than our minimum target for macOS/MacCatalyst. On iOS/tvOS, it was added in 13.0.
-        public static bool IsSupported => OperatingSystem.IsMacOS() || OperatingSystem.IsMacCatalyst() || OperatingSystem.IsIOSVersionAtLeast(13) || OperatingSystem.IsTvOSVersionAtLeast(13);
+        public static partial bool IsSupported =>
+            OperatingSystem.IsMacOS() ||
+            OperatingSystem.IsMacCatalyst() ||
+            OperatingSystem.IsIOSVersionAtLeast(13) ||
+            OperatingSystem.IsTvOSVersionAtLeast(13);
 
-        // CryptoKit only supports 16 byte tags.
-        public static KeySizes TagByteSizes { get; } = new KeySizes(16, 16, 1);
+        public static partial KeySizes TagByteSizes => s_tagByteSizes;
 
         [MemberNotNull(nameof(_keyBox))]
-        private void ImportKey(ReadOnlySpan<byte> key)
+        private partial void ImportKey(ReadOnlySpan<byte> key)
         {
             // We should only be calling this in the constructor, so there shouldn't be a previous key.
             Debug.Assert(_keyBox is null);
             _keyBox = new FixedMemoryKeyBox(key);
         }
 
-        private void EncryptCore(
+        private partial void EncryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> plaintext,
             Span<byte> ciphertext,
@@ -54,7 +60,7 @@ private void EncryptCore(
             }
         }
 
-        private void DecryptCore(
+        private partial void DecryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> ciphertext,
             ReadOnlySpan<byte> tag,
@@ -83,6 +89,6 @@ private void DecryptCore(
             }
         }
 
-        public void Dispose() => _keyBox.Dispose();
+        public partial void Dispose() => _keyBox.Dispose();
     }
 }
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.NotSupported.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.NotSupported.cs
index 4fdf9a9d8e0dfa..6764bc4aa26fc5 100644
--- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.NotSupported.cs
+++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.NotSupported.cs
@@ -7,39 +7,39 @@ namespace System.Security.Cryptography
 {
     public partial class AesGcm
     {
-        public static bool IsSupported => false;
-        public static KeySizes TagByteSizes { get; } = new KeySizes(12, 16, 1);
+        public static partial bool IsSupported => false;
+        public static partial KeySizes TagByteSizes => new KeySizes(12, 16, 1);
 
 #pragma warning disable CA1822, IDE0060
-        private void ImportKey(ReadOnlySpan<byte> key)
+        private partial void ImportKey(ReadOnlySpan<byte> key)
         {
             Debug.Fail("Instance ctor should fail before we reach this point.");
             throw new NotImplementedException();
         }
 
-        private void EncryptCore(
+        private partial void EncryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> plaintext,
             Span<byte> ciphertext,
             Span<byte> tag,
-            ReadOnlySpan<byte> associatedData = default)
+            ReadOnlySpan<byte> associatedData)
         {
             Debug.Fail("Instance ctor should fail before we reach this point.");
             throw new NotImplementedException();
         }
 
-        private void DecryptCore(
+        private partial void DecryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> ciphertext,
             ReadOnlySpan<byte> tag,
             Span<byte> plaintext,
-            ReadOnlySpan<byte> associatedData = default)
+            ReadOnlySpan<byte> associatedData)
         {
             Debug.Fail("Instance ctor should fail before we reach this point.");
             throw new NotImplementedException();
         }
 
-        public void Dispose()
+        public partial void Dispose()
         {
             Debug.Fail("Instance ctor should fail before we reach this point.");
             // no-op
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.OpenSsl.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.OpenSsl.cs
index 7cc251b0610d47..731d294ae9da42 100644
--- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.OpenSsl.cs
+++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.OpenSsl.cs
@@ -10,12 +10,14 @@ namespace System.Security.Cryptography
     public sealed partial class AesGcm
     {
         private SafeEvpCipherCtxHandle _ctxHandle;
+        private static readonly KeySizes s_tagByteSizes = new KeySizes(12, 16, 1);
+        private static readonly bool s_isSupported = Interop.OpenSslNoInit.OpenSslIsAvailable;
 
-        public static bool IsSupported { get; } = Interop.OpenSslNoInit.OpenSslIsAvailable;
-        public static KeySizes TagByteSizes { get; } = new KeySizes(12, 16, 1);
+        public static partial bool IsSupported => s_isSupported;
+        public static partial KeySizes TagByteSizes => s_tagByteSizes;
 
         [MemberNotNull(nameof(_ctxHandle))]
-        private void ImportKey(ReadOnlySpan<byte> key)
+        private partial void ImportKey(ReadOnlySpan<byte> key)
         {
             _ctxHandle = Interop.Crypto.EvpCipherCreatePartial(GetCipher(key.Length * 8));
 
@@ -28,12 +30,12 @@ private void ImportKey(ReadOnlySpan<byte> key)
             Interop.Crypto.EvpCipherSetGcmNonceLength(_ctxHandle, NonceSize);
         }
 
-        private void EncryptCore(
+        private partial void EncryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> plaintext,
             Span<byte> ciphertext,
             Span<byte> tag,
-            ReadOnlySpan<byte> associatedData = default)
+            ReadOnlySpan<byte> associatedData)
         {
             Interop.Crypto.EvpCipherSetKeyAndIV(
                 _ctxHandle,
@@ -73,7 +75,7 @@ private void EncryptCore(
             Interop.Crypto.EvpCipherGetGcmTag(_ctxHandle, tag);
         }
 
-        private void DecryptCore(
+        private partial void DecryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> ciphertext,
             ReadOnlySpan<byte> tag,
@@ -132,7 +134,7 @@ private static IntPtr GetCipher(int keySizeInBits)
             }
         }
 
-        public void Dispose()
+        public partial void Dispose()
         {
             _ctxHandle.Dispose();
         }
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.cs
index 6135892934140d..b076a145fc99af 100644
--- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.cs
+++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/AesGcm.cs
@@ -1,9 +1,7 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using System.Diagnostics;
 using System.Runtime.Versioning;
-using Internal.Cryptography;
 
 namespace System.Security.Cryptography
 {
@@ -12,11 +10,8 @@ namespace System.Security.Cryptography
     [UnsupportedOSPlatform("tvos")]
     [SupportedOSPlatform("ios13.0")]
     [SupportedOSPlatform("tvos13.0")]
-    public sealed partial class AesGcm : IDisposable
+    public sealed partial class AesGcm
     {
-        private const int NonceSize = 12;
-        public static KeySizes NonceByteSizes { get; } = new KeySizes(NonceSize, NonceSize, 1);
-
         [Obsolete(Obsoletions.AesGcmTagConstructorMessage, DiagnosticId = Obsoletions.AesGcmTagConstructorDiagId, UrlFormat = Obsoletions.SharedUrlFormat)]
         public AesGcm(ReadOnlySpan<byte> key)
         {
@@ -31,153 +26,5 @@ public AesGcm(byte[] key)
             : this(new ReadOnlySpan<byte>(key ?? throw new ArgumentNullException(nameof(key))))
         {
         }
-
-        /// <summary>
-        ///   Initializes a new instance of the <see cref="AesGcm" /> class with a provided key and required tag size.
-        /// </summary>
-        /// <param name="key">The secret key to use for this instance.</param>
-        /// <param name="tagSizeInBytes">The size of the tag, in bytes, that encryption and decryption must use.</param>
-        /// <exception cref="CryptographicException">
-        ///   The <paramref name="key" /> parameter length is other than 16, 24, or 32 bytes (128, 192, or 256 bits).
-        /// </exception>
-        /// <exception cref="ArgumentException">
-        ///   The <paramref name="tagSizeInBytes" /> parameter is an unsupported tag size indicated by
-        ///   <see cref="TagByteSizes" />.
-        /// </exception>
-        /// <exception cref="PlatformNotSupportedException">
-        ///   The current platform does not support AES-GCM.
-        /// </exception>
-        /// <remarks>
-        ///   The <paramref name="tagSizeInBytes" /> parameter is used to indicate that the tag parameter in <c>Encrypt</c>
-        ///   or <c>Decrypt</c> must be exactly this size. Indicating the required tag size prevents issues where callers
-        ///   of <c>Decrypt</c> may supply a tag as input and that input is truncated to an unexpected size.
-        /// </remarks>
-        public AesGcm(ReadOnlySpan<byte> key, int tagSizeInBytes)
-        {
-            ThrowIfNotSupported();
-
-            AesAEAD.CheckKeySize(key.Length);
-
-            if (!tagSizeInBytes.IsLegalSize(TagByteSizes))
-            {
-                throw new ArgumentException(SR.Cryptography_InvalidTagLength, nameof(tagSizeInBytes));
-            }
-
-            TagSizeInBytes = tagSizeInBytes;
-            ImportKey(key);
-        }
-
-        /// <summary>
-        ///   Initializes a new instance of the <see cref="AesGcm" /> class with a provided key and required tag size.
-        /// </summary>
-        /// <param name="key">The secret key to use for this instance.</param>
-        /// <param name="tagSizeInBytes">The size of the tag, in bytes, that encryption and decryption must use.</param>
-        /// <exception cref="ArgumentNullException">The <paramref name="key" /> parameter is null.</exception>
-        /// <exception cref="CryptographicException">
-        ///   The <paramref name="key" /> parameter length is other than 16, 24, or 32 bytes (128, 192, or 256 bits).
-        /// </exception>
-        /// <exception cref="ArgumentException">
-        ///   The <paramref name="tagSizeInBytes" /> parameter is an unsupported tag size indicated by
-        ///   <see cref="TagByteSizes" />.
-        /// </exception>
-        /// <exception cref="PlatformNotSupportedException">
-        ///   The current platform does not support AES-GCM.
-        /// </exception>
-        /// <remarks>
-        ///   The <paramref name="tagSizeInBytes" /> parameter is used to indicate that the tag parameter in <c>Encrypt</c>
-        ///   or <c>Decrypt</c> must be exactly this size. Indicating the required tag size prevents issues where callers
-        ///   of <c>Decrypt</c> may supply a tag as input and that input is truncated to an unexpected size.
-        /// </remarks>
-        public AesGcm(byte[] key, int tagSizeInBytes)
-            : this(new ReadOnlySpan<byte>(key ?? throw new ArgumentNullException(nameof(key))), tagSizeInBytes)
-        {
-        }
-
-        /// <summary>
-        /// Gets the size of the tag, in bytes.
-        /// </summary>
-        /// <value>
-        /// The size of the tag that must be used for encryption or decryption, or <see langword="null" /> if the
-        /// tag size is unspecified.
-        /// </value>
-        public int? TagSizeInBytes { get; }
-
-        public void Encrypt(byte[] nonce, byte[] plaintext, byte[] ciphertext, byte[] tag, byte[]? associatedData = null)
-        {
-            ArgumentNullException.ThrowIfNull(nonce);
-            ArgumentNullException.ThrowIfNull(plaintext);
-            ArgumentNullException.ThrowIfNull(ciphertext);
-            ArgumentNullException.ThrowIfNull(tag);
-
-            Encrypt((ReadOnlySpan<byte>)nonce, plaintext, ciphertext, tag, associatedData);
-        }
-
-        public void Encrypt(
-            ReadOnlySpan<byte> nonce,
-            ReadOnlySpan<byte> plaintext,
-            Span<byte> ciphertext,
-            Span<byte> tag,
-            ReadOnlySpan<byte> associatedData = default)
-        {
-            CheckParameters(plaintext, ciphertext, nonce, tag);
-            EncryptCore(nonce, plaintext, ciphertext, tag, associatedData);
-        }
-
-        public void Decrypt(byte[] nonce, byte[] ciphertext, byte[] tag, byte[] plaintext, byte[]? associatedData = null)
-        {
-            ArgumentNullException.ThrowIfNull(nonce);
-            ArgumentNullException.ThrowIfNull(ciphertext);
-            ArgumentNullException.ThrowIfNull(tag);
-            ArgumentNullException.ThrowIfNull(plaintext);
-
-            Decrypt((ReadOnlySpan<byte>)nonce, ciphertext, tag, plaintext, associatedData);
-        }
-
-        public void Decrypt(
-            ReadOnlySpan<byte> nonce,
-            ReadOnlySpan<byte> ciphertext,
-            ReadOnlySpan<byte> tag,
-            Span<byte> plaintext,
-            ReadOnlySpan<byte> associatedData = default)
-        {
-            CheckParameters(plaintext, ciphertext, nonce, tag);
-            DecryptCore(nonce, ciphertext, tag, plaintext, associatedData);
-        }
-
-        private void CheckParameters(
-            ReadOnlySpan<byte> plaintext,
-            ReadOnlySpan<byte> ciphertext,
-            ReadOnlySpan<byte> nonce,
-            ReadOnlySpan<byte> tag)
-        {
-            if (plaintext.Length != ciphertext.Length)
-                throw new ArgumentException(SR.Cryptography_PlaintextCiphertextLengthMismatch);
-
-            if (!nonce.Length.IsLegalSize(NonceByteSizes))
-                throw new ArgumentException(SR.Cryptography_InvalidNonceLength, nameof(nonce));
-
-            if (TagSizeInBytes is int tagSizeInBytes)
-            {
-                // constructor promise
-                Debug.Assert(tagSizeInBytes.IsLegalSize(TagByteSizes));
-
-                if (tag.Length != tagSizeInBytes)
-                {
-                    throw new ArgumentException(SR.Format(SR.Cryptography_IncorrectTagLength, tagSizeInBytes), nameof(tag));
-                }
-            }
-            else if (!tag.Length.IsLegalSize(TagByteSizes))
-            {
-                throw new ArgumentException(SR.Cryptography_InvalidTagLength, nameof(tag));
-            }
-        }
-
-        private static void ThrowIfNotSupported()
-        {
-            if (!IsSupported)
-            {
-                throw new PlatformNotSupportedException(SR.Format(SR.Cryptography_AlgorithmNotSupported, nameof(AesGcm)));
-            }
-        }
     }
 }
diff --git a/src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj b/src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj
index 9ec855e32bd341..a03f173a7c5e3a 100644
--- a/src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj
+++ b/src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj
@@ -217,8 +217,12 @@
              Link="CommonTest\System\Security\Cryptography\509Certificates\X509CertificateLoaderPkcs12Tests.cs" />
     <Compile Include="$(CommonTestPath)System\Security\Cryptography\X509Certificates\X509CertificateLoaderTests.cs"
              Link="CommonTest\System\Security\Cryptography\509Certificates\X509CertificateLoaderTests.cs" />
+    <Compile Include="$(CommonTestPath)System\Security\Cryptography\AesGcmTests.cs"
+             Link="CommonTest\System\Security\Cryptography\AesGcmTests.cs" />
     <Compile Include="$(CommonTestPath)System\Security\Cryptography\ByteUtils.cs"
              Link="CommonTest\System\Security\Cryptography\ByteUtils.cs" />
+    <Compile Include="$(CommonTestPath)System\Security\Cryptography\CommonAEADTests.cs"
+             Link="CommonTest\System\Security\Cryptography\CommonAEADTests.cs" />
     <Compile Include="$(CommonTestPath)System\Security\Cryptography\CngKeyWrapper.cs"
              Link="CommonTest\System\Security\Cryptography\CngKeyWrapper.cs" />
     <Compile Include="$(CommonTestPath)System\Security\Cryptography\CryptoUtils.cs"
@@ -228,7 +232,6 @@
   </ItemGroup>
   <ItemGroup>
     <Compile Include="AesCcmTests.cs" />
-    <Compile Include="AesGcmTests.cs" />
     <Compile Include="AesManagedTests.cs" />
     <Compile Include="AesProvider.cs" />
     <Compile Include="AesTests.cs" />
@@ -242,7 +245,6 @@
     <Compile Include="ChaCha20Poly1305Tests.cs" />
     <Compile Include="CngKeyTests.cs" />
     <Compile Include="CngUtility.cs" />
-    <Compile Include="CommonAEADTests.cs" />
     <Compile Include="CryptoConfigTests.cs" />
     <Compile Include="CryptographicException.cs" />
     <Compile Include="CryptoStream.cs" />