You can have a look at https://github.com/julianstorer/JUCE/blob/f1ad44e2bfd49acd19800342e944aaec7a3c04dd/modules/juce_tracktion_marketplace/marketplace/juce_OnlineUnlockStatus.cpp
(decryptXML) - but that's not really verification, but decryption.
What you could do for verification is:
Alice: appends private key encrypted hash of message
Bob: "decrypts" hash with public key and compares the result with the hash he computed from the message.
Here's in pseudo-code, what the alogithm might look like:
hmac sign(private_key, message) // return the signature
hash = sha256(message);
signature = private_key.encrypt(hash);
bool verify(public_key, message, hmac)
my_hash = sha256(message);
their_hash = public_key.decrypt(hmac);
return my_hash == their_hash;
But instead of cooking up such algorithms on your own, I'd recomend to use a library - crypto is just to easy to get wrong.
I had great success with libsodium (https://download.libsodium.org/doc/public-key_cryptography/public-key_signatures.html)
It should be straight forward to create a juce module out of it.