
It's difficult/impossible to write constant time functions in Rust in its current state afaik.



Could you link something relevant? I find it hard to believe - seems you could do it the same way every other language does. For example OR all the bytes XORed between two arrays, then compare to 0.

Maidsafe seems to be implementing it somehow for example: http://maidsafe.net/sodiumoxide/master/maidsafe_sodiumoxide/... (see comments about PartialEq)
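The comparison described in the comment above (OR together the XOR of each byte pair, then compare to 0 once), next to an early-exit comparison, as an added Rust example that is not part of the thread or of sodiumoxide. The function names and sample tags are hypothetical, and `std::hint::black_box` is only a best-effort optimization barrier, so the generated assembly still has to be checked.

```rust
use std::hint::black_box;

/// Early-exit comparison: returns at the first differing byte, so its running
/// time depends on the length of the matching prefix.
pub fn leaky_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    for i in 0..a.len() {
        if a[i] != b[i] {
            return false;
        }
    }
    true
}

/// XOR each byte pair, OR the results into one accumulator, compare to 0 once.
/// Lengths are treated as public; only the contents are treated as secret.
pub fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    let mut acc: u8 = 0;
    for (x, y) in a.iter().zip(b.iter()) {
        // black_box discourages the optimizer from turning the loop back into
        // an early exit. It is a hint, not a guarantee (assumption to verify).
        acc |= black_box(x ^ y);
    }
    black_box(acc) == 0
}

fn main() {
    // Constructed sample tags, not taken from the thread.
    let expected = [0xde, 0xad, 0xbe, 0xef];
    let first_byte_wrong = [0x00, 0xad, 0xbe, 0xef];
    let last_byte_wrong = [0xde, 0xad, 0xbe, 0x00];

    // Both functions agree on the result; only ct_eq touches every byte
    // regardless of where the first mismatch is.
    for candidate in [expected, first_byte_wrong, last_byte_wrong] {
        println!(
            "leaky_eq={} ct_eq={}",
            leaky_eq(&expected, &candidate),
            ct_eq(&expected, &candidate)
        );
    }
}
```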


I did not realize that; looking things up I can verify your claim. There is an RFC out there for the ability to write constant time functions. That would be great and I hope it makes it in. Thanks for informing me.


Not more difficult than C - you write the crypto functions in asm. You could use a C compiler to handle the ABI but the code isn't really C code.


How much code needs to be constant time? Compared to all the management code and parsing and so on?



