
I want to send a Java object to a server and send its signature through another way to the server. For this, I need to convert it to JSON and then create a signature from the JSON. I know that I can create a signed token with JOSE, but it will also attach the object data to the token, and it makes the token too long. Also, it is required to sign one object multiple times by different signers.

Is there any standard or tool (at least for Java/JavaScript) to guarantee that conversion of JSON to string always represents it in a unique format?

Is it possible to omit the second part of JWT which contains the JSON data and create it using an arbitrary JSON creator?

If none of the answers are yes, what should I do?

Hossein Nasr

1 Answer

JOSE is a framework, not a standard. JSON Web Signature (JWS) is a standard defined in RFC 7515, and JSON Web Token (JWT) is a compact token format using a JWS signature, defined in RFC 7519.

Is there any standard or tool (at least for Java/JavaScript) to guarantee that conversion of JSON to string always represents it in a unique format?

Yes, JWS defines that the JWS Payload is encoded as BASE64URL(UTF8(JWS Payload)).

Is it possible to omit the second part of JWT which contains the JSON data and create it using an arbitrary JSON creator?

You can omit the second part of JWT (the payload), but then it won't be a JWT. I think you do not need JWT (the purpose of JWT is to exchange authentication tokens) but to apply a digital signature to your document, and JWS is suitable for this.

But with several signers you will need an additional layer of digital signature capabilities, for example to include the signer's identity, relate the signed content to the signer or set the order of signatures.

Unfortunately there is no standard to do this, like XAdES, PAdES or CAdES for XML, PDF and binary documents.

pedrofb
  • I believe that `BASE64URL(UTF8(JWS Payload))` will not guarantee uniqueness for the same objects. According to [this post](http://stackoverflow.com/a/4670638/1385652) there are multiple ways to display a JSON object as a string, and `BASE64URL(UTF8(JWS Payload))` simply does not consider them, and removing the payload part makes us unable to verify the signature of the payload. – Hossein Nasr Oct 31 '16 at 07:40
  • Be aware that the post is talking about signing a JSON object, and the need to canonicalize the content before signing. JWS performs the canonicalization by serializing the JSON object as base64url. Two different values cannot generate the same base64 value (see http://stackoverflow.com/questions/30429168/is-a-base64-encoded-string-unique), but the base64 serialization always produces the same result. – pedrofb Oct 31 '16 at 08:20