It feels like crypto packages in languages have a lot of easy ways to screw up. I'm not talking about "rolling your own" I'm just talking about using them properly without aiming the gun at your foot. pyCrypto.AES for example would be challenging for a newcomer to this.
Packages providing individual functions are not designed to be used as-is. These packages are generally good and do what they are supposed to do; the main issue is that many developers think that e.g. AES is all they need. We operation-based APIs more than low-level APIS.