JWT Signature HS256 - different result on linux and website

Question

I'm trying to write small linux utility for development purposes that works with JWT signatures.

Problem: linux secret and secret from jwt.io website are different. I'm using default data from https://jwt.io/#debugger-io and HS256.

Example:

 # hmac256
 $ echo -n "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9" | hmac256 secret
 > 4c9540f793ab33b13670169bdf444c1eb1c37047f18e861981e14e34587b1e04

 # openssl
 $ echo -n "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9" | openssl dgst -sha256 -hmac secret   
 > (stdin)= 4c9540f793ab33b13670169bdf444c1eb1c37047f18e861981e14e34587b1e04

 # Key from website
 # TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ

Answer 1

Found answer, result of hash utilities should be in binary format and also in base64 encoding.

So working commands are:

• echo -n "{header}.{payload}" | hmac256 --binary secret | base64
• echo -n "{header}.{payload}" | openssl dgst -sha256 -binary -hmac secret | base64

Example:

$ echo -n "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9" | hmac256 --binary secret | base64
> TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ=

$ echo -n "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9" | openssl dgst -sha256 -binary -hmac secret | base64
> TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ=