diff --git a/python/py_vapid/jwt.py b/python/py_vapid/jwt.py
index 1fccff9..c460f76 100644
--- a/python/py_vapid/jwt.py
+++ b/python/py_vapid/jwt.py
@@ -83,5 +83,5 @@ def sign(claims, key):
     token = "{}.{}".format(header, claims)
     rsig = key.sign(token.encode('utf8'), ec.ECDSA(hashes.SHA256()))
     (r, s) = utils.decode_dss_signature(rsig)
-    sig = b64urlencode(num_to_bytes(r) + num_to_bytes(s))
+    sig = b64urlencode(num_to_bytes(r, 32) + num_to_bytes(s, 32))
     return "{}.{}".format(token, sig)
diff --git a/python/py_vapid/utils.py b/python/py_vapid/utils.py
index 44c821e..02ecf4e 100644
--- a/python/py_vapid/utils.py
+++ b/python/py_vapid/utils.py
@@ -26,11 +26,14 @@ def b64urlencode(data):
     return base64.urlsafe_b64encode(data).replace(b'=', b'').decode('utf8')
 
 
-def num_to_bytes(n):
+def num_to_bytes(n, pad_to):
     """Returns the byte representation of an integer, in big-endian order.
     :param n: The integer to encode.
     :type n: int
+    :param pad_to: Expected length of result, zeropad if necessary.
+    :type pad_to: int
     :returns bytes
     """
     h = '%x' % n
-    return binascii.unhexlify('0' * (len(h) % 2) + h)
+    r = binascii.unhexlify('0' * (len(h) % 2) + h)
+    return b'\x00' * (pad_to - len(r)) + r