diff --git a/go/crypto.patch b/go/crypto.patch
deleted file mode 100644
index 49ecd6a..0000000
--- a/go/crypto.patch
+++ /dev/null
@@ -1,86 +0,0 @@
---- go/src/github.com/ProtonMail/gopenpgp/vendor/golang.org/x/crypto/openpgp/s2k/s2k.go	2019-07-20 15:43:48.000000000 -0700
-+++ go/src/github.com/ProtonMail/gopenpgp/vendor/golang.org/x/crypto/openpgp/s2k/s2k.go	2019-07-20 15:53:58.000000000 -0700
-@@ -121,6 +121,53 @@
- 	}
- }
- 
-+func parseGNUExtensions(r io.Reader) (f func(out, in []byte), err error) {
-+	var buf [9]byte
-+
-+	// A three-byte string identifier
-+	_, err = io.ReadFull(r, buf[:3])
-+	if err != nil {
-+		return
-+	}
-+	gnuExt := string(buf[:3])
-+
-+	if gnuExt != "GNU" {
-+		return nil, errors.UnsupportedError("Malformed GNU extension: " + gnuExt)
-+	}
-+	_, err = io.ReadFull(r, buf[:1])
-+	if err != nil {
-+		return
-+	}
-+	gnuExtType := int(buf[0])
-+	switch gnuExtType {
-+	case 1:
-+		return nil, nil
-+	case 2:
-+		// Read a serial number, which is prefixed by a 1-byte length.
-+		// The maximum length is 16.
-+		var lenBuf [1]byte
-+		_, err = io.ReadFull(r, lenBuf[:])
-+		if err != nil {
-+			return
-+		}
-+
-+		maxLen := 16
-+		ivLen := int(lenBuf[0])
-+		if ivLen > maxLen {
-+			ivLen = maxLen
-+		}
-+		ivBuf := make([]byte, ivLen)
-+		// For now we simply discard the IV
-+		_, err = io.ReadFull(r, ivBuf)
-+		if err != nil {
-+			return
-+		}
-+		return nil, nil
-+	default:
-+		return nil, errors.UnsupportedError("unknown S2K GNU protection mode: " + strconv.Itoa(int(gnuExtType)))
-+	}
-+}
-+
- // Iterated writes to out the result of computing the Iterated and Salted S2K
- // function (RFC 4880, section 3.7.1.3) using the given hash, input passphrase,
- // salt and iteration count.
-@@ -167,6 +214,12 @@
- 		return
- 	}
- 
-+	// GNU Extensions; handle them before we try to look for a hash, which won't
-+	// be needed in most cases anyway.
-+	if buf[0] == 101 {
-+		return parseGNUExtensions(r)
-+	}
-+
- 	hash, ok := HashIdToHash(buf[1])
- 	if !ok {
- 		return nil, errors.UnsupportedError("hash for S2K function: " + strconv.Itoa(int(buf[1])))
-
---- go/src/github.com/ProtonMail/gopenpgp/vendor/golang.org/x/crypto/openpgp/packet/private_key.go	2019-07-20 15:43:48.000000000 -0700
-+++ go/src/github.com/ProtonMail/gopenpgp/vendor/golang.org/x/crypto/openpgp/packet/private_key.go	2019-07-20 16:26:05.000000000 -0700
-@@ -154,6 +154,13 @@
- 		if s2kType == 254 {
- 			pk.sha1Checksum = true
- 		}
-+		// S2K == nil implies that we got a "GNU Dummy" S2K. For instance,
-+		// because our master secret key is on a USB key in a vault somewhere.
-+		// In that case, there is no further data to consume here.
-+		if pk.s2k == nil {
-+			pk.Encrypted = false
-+			return
-+		}
- 	default:
- 		return errors.UnsupportedError("deprecated s2k function in private key")
- 	}
diff --git a/gopenpgp_build.sh b/gopenpgp_build.sh
index 89d499c..67b33d2 100755
--- a/gopenpgp_build.sh
+++ b/gopenpgp_build.sh
@@ -2,20 +2,23 @@
 
 set -euox pipefail
 
+mkdir -p go
 export GOPATH="$(pwd)/go"
 export PATH="$PATH:$GOPATH/bin"
 
 go get -u golang.org/x/mobile/cmd/gomobile || true
 gomobile init
-go get -u github.com/ProtonMail/gopenpgp || true
+go get -u github.com/mssun/gopenpgp || true
 
-PACKAGE_PATH="github.com/ProtonMail/gopenpgp"
-GOPENPGP_REVISION="v2.0.0"
+PACKAGE_PATH="github.com/mssun/gopenpgp"
+mkdir -p $GOPATH/src/github.com/ProtonMail
+GOPENPGP_REVISION="gnu-dummy"
+ln -s $GOPATH/src/github.com/mssun/gopenpgp $GOPATH/src/github.com/ProtonMail/gopenpgp
 
 ( cd "$GOPATH/src/$PACKAGE_PATH" && git checkout "$GOPENPGP_REVISION" && GO111MODULE=on go mod vendor )
-#patch -p0 < $GOPATH/crypto.patch
 
 OUTPUT_PATH="$GOPATH/dist"
 mkdir -p "$OUTPUT_PATH"
+
 "$GOPATH/bin/gomobile" bind -v -ldflags="-s -w" -target ios -o "${OUTPUT_PATH}/Crypto.framework" \
     "$PACKAGE_PATH"/{crypto,armor,constants,models,subtle}
diff --git a/passKitTests/Crypto/CryptoFrameworkTest.swift b/passKitTests/Crypto/CryptoFrameworkTest.swift
index b4da262..0d584ea 100644
--- a/passKitTests/Crypto/CryptoFrameworkTest.swift
+++ b/passKitTests/Crypto/CryptoFrameworkTest.swift
@@ -39,9 +39,9 @@ class CryptoFrameworkTest: XCTestCase {
         try [
             RSA2048,
             RSA4096,
-            //RSA2048_SUB,
+            RSA2048_SUB,
             ED25519,
-            //ED25519_SUB,
+            ED25519_SUB,
         ].forEach { keyTriple in
             var error: NSError?
             guard let publicKey = CryptoNewKeyFromArmored(keyTriple.publicKey, &error),
diff --git a/passKitTests/Crypto/PGPAgentTest.swift b/passKitTests/Crypto/PGPAgentTest.swift
index bb923b9..94a8276 100644
--- a/passKitTests/Crypto/PGPAgentTest.swift
+++ b/passKitTests/Crypto/PGPAgentTest.swift
@@ -42,9 +42,9 @@ class PGPAgentTest: XCTestCase {
         try [
             RSA2048,
             RSA4096,
-            //RSA2048_SUB,
+            RSA2048_SUB,
             ED25519,
-            //ED25519_SUB,
+            ED25519_SUB,
         ].forEach { keyTriple in
             let keychain = DictBasedKeychain()
             let pgpAgent = PGPAgent(keyStore: keychain)