> As far as I know, it is currently not possible to implement constant-time functions using stable Rust.
For those wondering, that's because `asm!` is not stabilised and the stabilisation path for it is unclear[0]; there's also been a proposal for an alternative `asm!`[1]. Rust otherwise relies on LLVM, and Brian Anderson reported[2] having
> been told by LLVM folks that getting LLVM to do constant time code generation is essentially hopeless, and it should just be written in asm.
Nadeko[3] aims to do exactly that, but because of the above only works on nightly.
[0] an RFC was created then retracted[4] for discussions on internals[5]
I'm not sure composition would work so you'd have to code every constant-time function entirely in assembler.
And now I wonder why there isn't already such a project; surely the number of necessarily constant-time functions is relatively low? Constant-time equality (of byte sequences), constant-time conditional (`a if b else c`), constant-time comparison (`<=`) and maybe constant-time bytes copy?
[1] https://github.com/rust-lang/rfcs/pull/129/files
[2] http://rust-dev.1092773.n5.nabble.com/Rust-crypto-highlights...
[3] https://github.com/klutzy/nadeko
[4] https://github.com/rust-lang/rfcs/issues/1274
[5] https://internals.rust-lang.org/t/stabilization-path-for-asm...
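
The four primitives listed in the thread (equality, conditional, `<=`, bytes copy), written as branch-free bitmask code in stable Rust. This is an added example, not code from the thread or from Nadeko; all function names are hypothetical, and "bytes copy" is assumed to mean a conditional copy. As the thread notes, nothing obliges LLVM to keep this branch-free, so it is best-effort and the generated assembly has to be checked per target.

```rust
// Added example: best-effort only. Stable Rust gives no guarantee that LLVM
// keeps these branch-free, so inspect the emitted assembly.

/// All-ones mask if `x != 0`, else zero, without a data-dependent branch.
fn nonzero_mask(x: u64) -> u64 {
    // (x | -x) has its top bit set exactly when x != 0.
    0u64.wrapping_sub((x | x.wrapping_neg()) >> 63)
}

/// Equality of byte sequences: 1 if equal, 0 otherwise.
/// Only the lengths (treated as public) affect the running time.
pub fn ct_eq(a: &[u8], b: &[u8]) -> u8 {
    if a.len() != b.len() {
        return 0;
    }
    let mut diff = 0u8;
    for (x, y) in a.iter().zip(b) {
        diff |= x ^ y; // accumulate differences, never exit early
    }
    (!nonzero_mask(diff as u64) & 1) as u8
}

/// Conditional (`a if choice else b`); `choice` must be 0 or 1.
pub fn ct_select(choice: u8, a: u64, b: u64) -> u64 {
    let mask = 0u64.wrapping_sub(choice as u64); // 0 or all ones
    b ^ (mask & (a ^ b))
}

/// Comparison: 1 if a <= b, 0 otherwise.
pub fn ct_le(a: u32, b: u32) -> u8 {
    // b - a in 64 bits is negative (top bit set) exactly when a > b.
    let d = (b as u64).wrapping_sub(a as u64);
    (((d >> 63) ^ 1) & 1) as u8
}

/// Conditional copy: dst = src when choice == 1, unchanged when 0.
pub fn ct_copy(choice: u8, dst: &mut [u8], src: &[u8]) {
    assert_eq!(dst.len(), src.len());
    let mask = 0u8.wrapping_sub(choice);
    for (d, s) in dst.iter_mut().zip(src) {
        *d ^= mask & (*d ^ *s);
    }
}

fn main() {
    println!("{} {}", ct_eq(b"tag-1", b"tag-1"), ct_le(7, 3));
}
```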