diff --git a/src/TokenType/MAC.php b/src/TokenType/MAC.php
index 53f302d9..886b7370 100644
--- a/src/TokenType/MAC.php
+++ b/src/TokenType/MAC.php
@@ -118,7 +118,14 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
             $calculatedSignatureParts[] = $params->get('ext');
         }
 
-        $calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), $macKey));
+        $calculatedSignature = base64_encode(
+            hash_hmac(
+                'sha256',
+                implode("\n", $calculatedSignatureParts),
+                $macKey,
+                true  // raw_output: outputs raw binary data
+            )
+        );
 
         // Return the access token if the signature matches
         return ($this->hash_equals($calculatedSignature, $signature)) ? $accessToken : null;
diff --git a/tests/unit/TokenType/MacTest.php b/tests/unit/TokenType/MacTest.php
index f0fc2fc2..d699e1b7 100644
--- a/tests/unit/TokenType/MacTest.php
+++ b/tests/unit/TokenType/MacTest.php
@@ -57,7 +57,7 @@ class MacTest extends \PHPUnit_Framework_TestCase
             $request->getPort(),
             'ext'
         ];
-        $calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), 'abcdef'));
+        $calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), 'abcdef', true));
 
         $request->headers->set('Authorization',  sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, $calculatedSignature));