I am trying to implement a PQC-enabled VPN using Open VPN and OQS-OpenSSL. I have used the quantum-safe fork for OpenSSL and integrated it while building the version of OpenVPN. However it seems that OpenVPN seems to be implementing its own version of DH rather than calling OpenSSL to do the same.
I divided my task into 2 main heads where I broke the encryption task, as per the PQC methodology, namely Digital Signatures and Key-Exch Mechanisms. I changed the Digital Signatures to use OQS-OpenSSL and can authenticate using Crystals-Dilithium. When going to replace current KEX with Crystals-Kyber I have hit a wall. I’m stuck around the problem that I’m not sure how to proceed for the same. Do I need to change the source code itself because that is likely to be above my current level of knowledge. Any help is appreciated!