diff --git a/gateway_test.go b/gateway_test.go
index 216ad1e..082f233 100644
--- a/gateway_test.go
+++ b/gateway_test.go
@@ -32,7 +32,7 @@ func createGateway(t *testing.T) ohttp.Gateway {
 	if err != nil {
 		t.Fatal("Failed to create a valid config. Exiting now.")
 	}
-	config, err := ohttp.NewConfig(CURRENT_KEY_ID, hpke.KEM_X25519_HKDF_SHA256, hpke.KDF_HKDF_SHA256, hpke.AEAD_AES128GCM)
+	config, err := ohttp.NewConfig(CURRENT_KEY_ID, hpke.KEM_X25519_KYBER768_DRAFT00, hpke.KDF_HKDF_SHA256, hpke.AEAD_AES128GCM)
 	if err != nil {
 		t.Fatal("Failed to create a valid config. Exiting now.")
 	}
@@ -225,7 +225,6 @@ func testBodyContainsError(t *testing.T, resp *http.Response, expectedText strin
 }
 
 func testMetricsContainsResult(t *testing.T, metricsCollector *MockMetricsFactory, event string, result string) {
-
 	for _, metric := range metricsCollector.metrics {
 		if metric.eventName == event {
 			_, exists := metric.resultLabels[result]
@@ -261,6 +260,42 @@ func TestQueryHandlerInvalidContentType(t *testing.T) {
 	testMetricsContainsResult(t, mustGetMetricsFactory(t, target), metricsEventGatewayRequest, metricsResultInvalidContentType)
 }
 
+func TestLegacyGatewayHandler(t *testing.T) {
+	target := createMockEchoGatewayServer(t)
+
+	handler := http.HandlerFunc(target.gatewayHandler)
+
+	config, err := target.gateway.Config(LEGACY_KEY_ID)
+	if err != nil {
+		t.Fatal(err)
+	}
+	client := ohttp.NewDefaultClient(config)
+
+	testMessage := []byte{0xCA, 0xFE}
+	req, _, err := client.EncapsulateRequest(testMessage)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	request, err := http.NewRequest(http.MethodPost, defaultEchoEndpoint, bytes.NewReader(req.Marshal()))
+	if err != nil {
+		t.Fatal(err)
+	}
+	request.Header.Add("Content-Type", "message/ohttp-req")
+
+	rr := httptest.NewRecorder()
+	handler.ServeHTTP(rr, request)
+
+	if status := rr.Result().StatusCode; status != http.StatusOK {
+		t.Fatal(fmt.Errorf("Result did not yield %d, got %d instead", http.StatusOK, status))
+	}
+	if rr.Result().Header.Get("Content-Type") != "message/ohttp-res" {
+		t.Fatal("Invalid content type response")
+	}
+
+	testMetricsContainsResult(t, mustGetMetricsFactory(t, target), metricsEventGatewayRequest, metricsResultSuccess)
+}
+
 func TestGatewayHandler(t *testing.T) {
 	target := createMockEchoGatewayServer(t)
 
diff --git a/go.mod b/go.mod
index 5d73252..abf9139 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.17
 
 require (
 	github.com/DataDog/datadog-go/v5 v5.1.1
-	github.com/chris-wood/ohttp-go v0.0.0-20230502102522-b8ae3b520d55
+	github.com/chris-wood/ohttp-go v0.0.0-20230523152405-45fb0d05eb13
 	github.com/cloudflare/circl v1.3.3
 	google.golang.org/protobuf v1.28.1
 )
diff --git a/go.sum b/go.sum
index 88b7075..89973f5 100644
--- a/go.sum
+++ b/go.sum
@@ -5,6 +5,8 @@ github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpz
 github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
 github.com/chris-wood/ohttp-go v0.0.0-20230502102522-b8ae3b520d55 h1:N0632r12Q7wnmhppSt07MlEyWoYzBgDaPRhJnmnLHdQ=
 github.com/chris-wood/ohttp-go v0.0.0-20230502102522-b8ae3b520d55/go.mod h1:P/sVWl8F9KHJ1esPj/g1A5h8vfA3Ps9n6JOMNf6TszU=
+github.com/chris-wood/ohttp-go v0.0.0-20230523152405-45fb0d05eb13 h1:6KPUTuaINL/GlEf3Fd08p/JVVoVRX4Mh4GtsAJUKv7o=
+github.com/chris-wood/ohttp-go v0.0.0-20230523152405-45fb0d05eb13/go.mod h1:P/sVWl8F9KHJ1esPj/g1A5h8vfA3Ps9n6JOMNf6TszU=
 github.com/cloudflare/circl v1.3.3-0.20230418220640-795540340d5c/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
 github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs=
 github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
diff --git a/main.go b/main.go
index 374b44d..19ce03b 100644
--- a/main.go
+++ b/main.go
@@ -264,7 +264,7 @@ func main() {
 	handlers[metadataEndpoint] = metadataHandler // Metadata handler
 	target := &gatewayResource{
 		verbose:               verbose,
-		legacyKeyID:           configID,
+		legacyKeyID:           legacyConfigID,
 		gateway:               gateway,
 		encapsulationHandlers: handlers,
 		debugResponse:         debugResponse,
diff --git a/vendor/github.com/chris-wood/ohttp-go/ohttp.go b/vendor/github.com/chris-wood/ohttp-go/ohttp.go
index 0661ac9..77763b6 100644
--- a/vendor/github.com/chris-wood/ohttp-go/ohttp.go
+++ b/vendor/github.com/chris-wood/ohttp-go/ohttp.go
@@ -244,7 +244,7 @@ func UnmarshalEncapsulatedRequest(enc []byte) (EncapsulatedRequest, error) {
 	}
 	aeadID := hpke.AEAD(binary.BigEndian.Uint16(aeadIDBuffer))
 
-	key := make([]byte, kemID.Scheme().PublicKeySize())
+	key := make([]byte, kemID.Scheme().CiphertextSize())
 	_, err = b.Read(key)
 	if err != nil {
 		return EncapsulatedRequest{}, err
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 99b1227..7caaae9 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -5,7 +5,7 @@ github.com/DataDog/datadog-go/v5/statsd
 ## explicit; go 1.12
 github.com/Microsoft/go-winio
 github.com/Microsoft/go-winio/pkg/guid
-# github.com/chris-wood/ohttp-go v0.0.0-20230502102522-b8ae3b520d55
+# github.com/chris-wood/ohttp-go v0.0.0-20230523152405-45fb0d05eb13
 ## explicit; go 1.15
 github.com/chris-wood/ohttp-go
 # github.com/cloudflare/circl v1.3.3