@wolf480pl Did you ever actually look at the specification for cryptographic algorithms? Because they pretty much all come with very good test vectors.

Or looked at the code of popular cryptographic libraries? Because a lot of them are downright scary and wouldn't pass an audit (remember OpenBSD reaction to OpenSSL?).

Hence why I've only ever seen serious usage of "Don't roll your own crypto" to mean "Don't make your own algorithms".

As for browsers and the like, usages should be separated *but* it should be comfortable. Because attackers will exploit your stress (check articles from people who got phished), which is where you'll choose the easiest and most immediate path, which should still be secure.
(That sadly means getting proper security on smartphones for most people)