diff --git a/kms/uri/uri.go b/kms/uri/uri.go
index a5a4c55b..8e30a7c5 100644
--- a/kms/uri/uri.go
+++ b/kms/uri/uri.go
@@ -90,24 +90,30 @@ func (u *URI) Get(key string) string {
 	if v == "" {
 		v = u.URL.Query().Get(key)
 	}
-	return StringDecode(v)
+	return v
 }
 
-// GetHex returns the first value in the uri with the give n key, it will return
-// empty nil if that field is not present.
-func (u *URI) GetHex(key string) ([]byte, error) {
-	v := u.Values.Get(key)
+// GetEncoded returns the first value in the uri with the give n key, it will
+// return empty nil if that field is not present or is empty. If the return
+// value is hex encoded it will decode it and return it.
+func (u *URI) GetEncoded(key string) []byte {
+	v := u.Get(key)
 	if v == "" {
-		v = u.URL.Query().Get(key)
+		return nil
 	}
-	return HexDecode(v)
+	if len(v)%2 == 0 {
+		if b, err := hex.DecodeString(v); err == nil {
+			return b
+		}
+	}
+	return []byte(v)
 }
 
 // Pin returns the pin encoded in the url. It will read the pin from the
 // pin-value or the pin-source attributes.
 func (u *URI) Pin() string {
 	if value := u.Get("pin-value"); value != "" {
-		return StringDecode(value)
+		return value
 	}
 	if path := u.Get("pin-source"); path != "" {
 		if b, err := readFile(path); err == nil {
@@ -128,89 +134,3 @@ func readFile(path string) ([]byte, error) {
 	}
 	return b, nil
 }
-
-// PercentEncode encodes the given bytes using the percent encoding described in
-// RFC3986 (https://tools.ietf.org/html/rfc3986).
-func PercentEncode(b []byte) string {
-	buf := new(strings.Builder)
-	for _, v := range b {
-		buf.WriteString("%" + hex.EncodeToString([]byte{v}))
-	}
-	return buf.String()
-}
-
-// PercentDecode decodes the given string using the percent encoding described
-// in RFC3986 (https://tools.ietf.org/html/rfc3986).
-func PercentDecode(s string) ([]byte, error) {
-	if len(s)%3 != 0 {
-		return nil, errors.Errorf("error parsing %s: wrong length", s)
-	}
-
-	var first string
-	buf := new(bytes.Buffer)
-	for i, r := range s {
-		mod := i % 3
-		rr := string(r)
-		switch mod {
-		case 0:
-			if r != '%' {
-				return nil, errors.Errorf("error parsing %s: expected %% and found %s in position %d", s, rr, i)
-			}
-		case 1:
-			if !isHex(r) {
-				return nil, errors.Errorf("error parsing %s: %s in position %d is not an hexadecimal number", s, rr, i)
-			}
-			first = string(r)
-		case 2:
-			if !isHex(r) {
-				return nil, errors.Errorf("error parsing %s: %s in position %d is not an hexadecimal number", s, rr, i)
-			}
-			b, err := hex.DecodeString(first + rr)
-			if err != nil {
-				return nil, errors.Wrapf(err, "error parsing %s", s)
-			}
-			buf.Write(b)
-		}
-	}
-	return buf.Bytes(), nil
-}
-
-// StringDecode returns the string given, but it will use Percent-Encoding if
-// the string is percent encoded.
-func StringDecode(s string) string {
-	if strings.HasPrefix(s, "%") {
-		if b, err := PercentDecode(s); err == nil {
-			return string(b)
-		}
-	}
-	return s
-}
-
-// HexDecode deocdes the string s using Percent-Encoding or regular hex
-// encoding.
-func HexDecode(s string) ([]byte, error) {
-	if s == "" {
-		return nil, nil
-	} else if strings.HasPrefix(s, "%") {
-		return PercentDecode(s)
-	}
-
-	b, err := hex.DecodeString(s)
-	if err != nil {
-		return nil, errors.Wrapf(err, "error parsing %s", s)
-	}
-	return b, nil
-}
-
-func isHex(r rune) bool {
-	switch {
-	case r >= '0' && r <= '9':
-		return true
-	case r >= 'a' && r <= 'f':
-		return true
-	case r >= 'A' && r <= 'F':
-		return true
-	default:
-		return false
-	}
-}
diff --git a/kms/uri/uri_test.go b/kms/uri/uri_test.go
index 3f001afc..3de07456 100644
--- a/kms/uri/uri_test.go
+++ b/kms/uri/uri_test.go
@@ -201,3 +201,66 @@ func TestURI_Get(t *testing.T) {
 		})
 	}
 }
+
+func TestURI_GetEncoded(t *testing.T) {
+	mustParse := func(s string) *URI {
+		u, err := Parse(s)
+		if err != nil {
+			t.Fatal(err)
+		}
+		return u
+	}
+	type args struct {
+		key string
+	}
+	tests := []struct {
+		name string
+		uri  *URI
+		args args
+		want []byte
+	}{
+		{"ok", mustParse("yubikey:slot-id=9a"), args{"slot-id"}, []byte{0x9a}},
+		{"ok first", mustParse("yubikey:slot-id=9a9b;slot-id=9b"), args{"slot-id"}, []byte{0x9a, 0x9b}},
+		{"ok percent", mustParse("yubikey:slot-id=9a;foo=%9a%9b%9c"), args{"foo"}, []byte{0x9a, 0x9b, 0x9c}},
+		{"ok in query", mustParse("yubikey:slot-id=9a?foo=9a"), args{"foo"}, []byte{0x9a}},
+		{"ok in query percent", mustParse("yubikey:slot-id=9a?foo=%9a"), args{"foo"}, []byte{0x9a}},
+		{"ok missing", mustParse("yubikey:slot-id=9a"), args{"foo"}, nil},
+		{"ok missing query", mustParse("yubikey:slot-id=9a?bar=zar"), args{"foo"}, nil},
+		{"ok no hex", mustParse("yubikey:slot-id=09a?bar=zar"), args{"slot-id"}, []byte{'0', '9', 'a'}},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := tt.uri.GetEncoded(tt.args.key)
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("URI.GetEncoded() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestURI_Pin(t *testing.T) {
+	mustParse := func(s string) *URI {
+		u, err := Parse(s)
+		if err != nil {
+			t.Fatal(err)
+		}
+		return u
+	}
+	tests := []struct {
+		name string
+		uri  *URI
+		want string
+	}{
+		{"from value", mustParse("pkcs11:id=%72%73?pin-value=0123456789"), "0123456789"},
+		{"from source", mustParse("pkcs11:id=%72%73?pin-source=testdata/pin.txt"), "trim-this-pin"},
+		{"from missing", mustParse("pkcs11:id=%72%73"), ""},
+		{"from source missing", mustParse("pkcs11:id=%72%73?pin-source=testdata/foo.txt"), ""},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := tt.uri.Pin(); got != tt.want {
+				t.Errorf("URI.Pin() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}