Yeah, ASM is also probably the only realistic way you can guarantee constant time (i.e. guarantee a C compiler won't do something crazy behind your back)

In the meantime, people continue to use OpenSSL because using NaCl is too hard