After trying to use crypto.timingSafeEqual with two buffers that have different length I've got an exception.

I read the docs and realized that crypto.timingSafeEqual is supporting only buffers with the same length which is contradicting the concept of timing safe compare.

The comparison code:

Maybe it's worth to implement it like that: https://github.com/vadimdemedes/secure-compare/blob/master/index.js#L12