If a message has been unwrapped, or if it was never wrapped in the first place, it can be verified with gss_verify_mic(). gss_verify_mic() looks like this:
OM_uint32 gss_verify_mic ( OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t message_buffer, const gss_buffer_t token_buffer, gss_qop_t qop_state)
The status code returned by the underlying mechanism.
The context under which the message will be sent.
The received message. This argument must be in the form of a gss_buffer_desc object; see Strings and Similar Data. Must be freed up with gss_release_buffer() when you have finished with it.
The token containing the received MIC. This argument must be in the form of a gss_buffer_desc object; see Strings and Similar Data. This buffer must be freed up with gss_release_buffer() when the application has finished with it.
The QOP (Quality of Protection) that was applied in generating the MIC. Specify NULL if not required.
gss_verify_mic() returns GSS_S_COMPLETE if the message was successfully verified. If it cannot verify the message against its MIC, it returns GSS_S_BAD_SIG.