auth0 / node-jwa

JSON Web Algorithms
http://tools.ietf.org/id/draft-ietf-jose-json-web-algorithms-08.html
MIT License
98 stars 42 forks

move from `buffer-equal-constant-time` to `timingSafeEqual` #46

Open niziak opened 1 year ago

niziak commented 1 year ago

Hi. The reason for this proposal is described here: Shinobi #452. Please also see the note here: Publish deprecation notice #6

thaisfaria commented 1 year ago

This is causing a failed build on my production project due to multiple libraries depending on jsonwebtoken or jws, that ultimately depend on this library.

jimmywarting commented 1 year ago

Would prefer a NodeJS dependency-free solution that does not depend on node:crypto or node:buffer, in the hope of one day being better cross-compatible with other environments, and instead operates on Uint8Array.

So I would just rather inline the solution and build a more generic solution that works on any typed array.

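```js
function timingEq(a, b) {
  // Inputs of different length can never match; bail out before the loop.
  if (a.length !== b.length) return false

  // XOR every element pair and OR the result into an accumulator, so the
  // loop always runs to the end regardless of where the first mismatch is.
  let c = 0
  for (let i = 0, len = a.length; i < len; i++) c |= a[i] ^ b[i]
  return !c // true only if no pair differed
}
```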
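
An added example, not part of the thread and not node-jwa code: a wrapper that calls `crypto.timingSafeEqual` when Node's crypto module is reachable and otherwise falls back to the XOR loop from the comment above. It goes one step further than the thread by comparing the underlying bytes, so typed arrays with wider elements are handled too. The names `toBytes`, `portableEqual` and `constantTimeEqual` are hypothetical, and it assumes that `require` exists only under CommonJS in Node.

```javascript
// Added example; all function names here are hypothetical.
// Assumption: `require` is defined only under CommonJS in Node. In any other
// runtime nodeCrypto stays null and the portable loop is used.
const nodeCrypto = typeof require === 'function' ? require('crypto') : null

// View an ArrayBuffer, typed array, DataView or Buffer as raw bytes.
// Element-wise XOR on a Float64Array would coerce 0.5 and 0.25 both to 0;
// comparing the bytes avoids depending on the element type.
function toBytes(x) {
  if (x instanceof ArrayBuffer) return new Uint8Array(x)
  if (ArrayBuffer.isView(x)) {
    return new Uint8Array(x.buffer, x.byteOffset, x.byteLength)
  }
  throw new TypeError('expected an ArrayBuffer or ArrayBufferView')
}

// Portable fallback: the XOR/OR accumulator technique, over bytes only.
// The caller guarantees that both inputs have the same length.
function portableEqual(a, b) {
  let diff = 0
  for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i]
  return diff === 0
}

function constantTimeEqual(a, b) {
  const x = toBytes(a)
  const y = toBytes(b)
  // crypto.timingSafeEqual throws when the byte lengths differ, so the
  // length check has to come first. Only the length is revealed by the
  // early return; fixed-size MACs and digests have a public length anyway.
  if (x.length !== y.length) return false
  if (nodeCrypto && typeof nodeCrypto.timingSafeEqual === 'function') {
    return nodeCrypto.timingSafeEqual(x, y)
  }
  return portableEqual(x, y)
}
```

Strings are rejected on purpose: encode them to bytes first (for example with `TextEncoder`) so both sides are compared in the same representation.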