This doesn’t seem all that smart to me; it’s easy to add code to check if the caller has asked for DES rather than AES, but much harder to check if they have handled exceptions or error return values correctly. That really needs some sort of static analysis tool.