diff --git a/bare_minimum_crypto/cpp/bmc_test.cpp b/bare_minimum_crypto/cpp/bmc_test.cpp
index ad81768..6b892fa 100644
--- a/bare_minimum_crypto/cpp/bmc_test.cpp
+++ b/bare_minimum_crypto/cpp/bmc_test.cpp
@@ -139,7 +139,19 @@ int happy_path () {
 	// even though the receiver has never seen the sub-key.
 	
 	const auto root_pubkey = root_key.pubkey ();
-	auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, cert, signed_data);
+	
+	const json j {
+		{"cert", {
+			{"sig_b64", base64_encode (cert.sig)},
+			{"payload_s", cert.cert_s},
+		}},
+		{"data", {
+			{"sig_b64", base64_encode (signed_data.sig)},
+			{"payload_s", signed_data.cert_s},
+		}},
+	};
+	
+	auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, j.dump ());
 	if (! verified_opt) {
 		cerr << "Receiver couldn't verify cert and data" << endl;
 		return 1;
diff --git a/bare_minimum_crypto/cpp/expiring_signature.h b/bare_minimum_crypto/cpp/expiring_signature.h
index 7ab525b..ae66f00 100644
--- a/bare_minimum_crypto/cpp/expiring_signature.h
+++ b/bare_minimum_crypto/cpp/expiring_signature.h
@@ -4,6 +4,8 @@
 #include <string>
 #include <vector>
 
+#include "json.hpp"
+
 namespace BareMinimumCrypto {
 	using namespace std;
 	
diff --git a/bare_minimum_crypto/cpp/receiver.cpp b/bare_minimum_crypto/cpp/receiver.cpp
index aa0ca46..14da2f5 100644
--- a/bare_minimum_crypto/cpp/receiver.cpp
+++ b/bare_minimum_crypto/cpp/receiver.cpp
@@ -17,8 +17,8 @@ namespace BareMinimumCrypto::Receiver {
 	}
 
 	optional <vector <uint8_t>> try_verify_signed_data (
-		const ExpiringSignature & sig,
 		const vector <uint8_t> & pubkey,
+		const ExpiringSignature & sig,
 		Instant now
 	) {
 		try_sodium_init ();
@@ -54,12 +54,12 @@ namespace BareMinimumCrypto::Receiver {
 	}
 
 	optional <vector <uint8_t>> verify_signed_data (
-		const ExpiringSignature & sig,
 		const vector <uint8_t> & pubkey,
+		const ExpiringSignature & sig,
 		Instant now
 	) {
 		try {
-			return try_verify_signed_data (sig, pubkey, now);
+			return try_verify_signed_data (pubkey, sig, now);
 		}
 		catch (json::exception &) {
 			return nullopt;
@@ -72,13 +72,13 @@ namespace BareMinimumCrypto::Receiver {
 		const ExpiringSignature & signed_data,
 		Instant now
 	) {
-		auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now);
+		auto subkey_opt = verify_signed_data (root_pubkey, signed_cert, now);
 		if (! subkey_opt) {
 			return nullopt;
 		}
 		const auto subkey = std::move (*subkey_opt);
 		
-		return verify_signed_data (signed_data, subkey, now);
+		return verify_signed_data (subkey, signed_data, now);
 	}
 	
 	optional <vector <uint8_t>> verify_cert_and_data (
@@ -88,4 +88,39 @@ namespace BareMinimumCrypto::Receiver {
 	) {
 		return verify_cert_and_data (root_pubkey, signed_cert, signed_data, Instant::now ());
 	}
+	
+	optional <vector <uint8_t>> try_verify_cert_and_data (
+		const vector <uint8_t> & root_pubkey,
+		const string & json_string,
+		Instant now
+	) {
+		const json j = json::parse (json_string);
+		
+		ExpiringSignature cert;
+		
+		cert.sig = *base64_decode (j ["cert"]["sig_b64"]);
+		cert.cert_s = j ["cert"]["payload_s"];
+		
+		auto subkey_opt = verify_signed_data (root_pubkey, cert, now);
+		const auto subkey = std::move (*subkey_opt);
+		
+		ExpiringSignature data;
+		
+		data.sig = *base64_decode (j ["data"]["sig_b64"]);
+		data.cert_s = j ["data"]["payload_s"];
+		
+		return verify_signed_data (subkey, data, now);
+	}
+	
+	optional <vector <uint8_t>> verify_cert_and_data (
+		const vector <uint8_t> & root_pubkey,
+		const string & json_string
+	) {
+		try {
+			return try_verify_cert_and_data (root_pubkey, json_string, Instant::now ());
+		}
+		catch (json::exception &) {
+			return nullopt;
+		}
+	}
 }