If encryption is a core business function, you need as a prerequisite to having a business at all a couple of folks who know encryption well enough to roll their own.
If there's reason to believe your team is better at cryptography implementation than the people behind the libraries you'd otherwise use, maybe. (This probably applies to the US national security establishment, not some random internet product).
— Joel Spolsky, talking about Not-Invented-Here programming
https://www.joelonsoftware.com/2001/10/14/in-defense-of-not-...