diff --git a/Makefile b/Makefile
index 108efa1d..09e342df 100644
--- a/Makefile
+++ b/Makefile
@@ -154,7 +154,7 @@ fmt:
 	$Q gofmt -l -w $(SRC)
 
 lint:
-	$Q $(GOFLAGS) LOG_LEVEL=error golangci-lint run --timeout=30m
+	$Q golangci-lint run --timeout=30m
 
 lintcgo:
 	$Q LOG_LEVEL=error golangci-lint run --timeout=30m
diff --git a/kms/pkcs11/other_test.go b/kms/pkcs11/other_test.go
index 680d3860..3e168716 100644
--- a/kms/pkcs11/other_test.go
+++ b/kms/pkcs11/other_test.go
@@ -166,10 +166,10 @@ func (s *privateKey) Delete() error {
 	return nil
 }
 
-func (s *privateKey) Decrypt(rand io.Reader, msg []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error) {
+func (s *privateKey) Decrypt(rnd io.Reader, msg []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error) {
 	k, ok := s.Signer.(*rsa.PrivateKey)
 	if !ok {
 		return nil, errors.New("key is not an rsa key")
 	}
-	return k.Decrypt(rand, msg, opts)
+	return k.Decrypt(rnd, msg, opts)
 }
diff --git a/kms/pkcs11/pkcs11.go b/kms/pkcs11/pkcs11.go
index 07d40c05..7924f106 100644
--- a/kms/pkcs11/pkcs11.go
+++ b/kms/pkcs11/pkcs11.go
@@ -145,8 +145,7 @@ func (k *PKCS11) CreateKey(req *apiv1.CreateKeyRequest) (*apiv1.CreateKeyRespons
 // CreateSigner creates a signer using the key present in the PKCS#11 MODULE signature
 // slot.
 func (k *PKCS11) CreateSigner(req *apiv1.CreateSignerRequest) (crypto.Signer, error) {
-	switch {
-	case req.SigningKey == "":
+	if req.SigningKey == "" {
 		return nil, errors.New("createSignerRequest 'signingKey' cannot be empty")
 	}
 
@@ -204,8 +203,8 @@ func (k *PKCS11) StoreCertificate(req *apiv1.StoreCertificateRequest) error {
 }
 
 // DeleteKey is a utility function to delete a key given an uri.
-func (k *PKCS11) DeleteKey(uri string) error {
-	id, object, err := parseObject(uri)
+func (k *PKCS11) DeleteKey(u string) error {
+	id, object, err := parseObject(u)
 	if err != nil {
 		return errors.Wrap(err, "deleteKey failed")
 	}
@@ -223,8 +222,8 @@ func (k *PKCS11) DeleteKey(uri string) error {
 }
 
 // DeleteCertificate is a utility function to delete a certificate given an uri.
-func (k *PKCS11) DeleteCertificate(uri string) error {
-	id, object, err := parseObject(uri)
+func (k *PKCS11) DeleteCertificate(u string) error {
+	id, object, err := parseObject(u)
 	if err != nil {
 		return errors.Wrap(err, "deleteCertificate failed")
 	}