diff --git a/vault/core.go b/vault/core.go
index d46c23626..9b734e613 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -305,9 +305,13 @@ func (c *Core) SecretProgress() int {
 	return len(c.unlockParts)
 }
 
-// Unseal is used to provide one of the key parts to
-// unseal the Vault.
-func (c *Core) Unseal(key []byte) (bool, error) {
+// Unseal is used to provide one of the key parts to unseal the Vault.
+func (c *Core) Unseal(keyRaw []byte) (bool, error) {
+	// Copy the key since it is modified in-place and we don't want to
+	// modify the parameter.
+	key := make([]byte, len(keyRaw))
+	copy(key, keyRaw)
+
 	// Verify the key length
 	min, max := c.barrier.KeyLength()
 	max += shamir.ShareOverhead
diff --git a/vault/core_test.go b/vault/core_test.go
index 78741fdba..093548d62 100644
--- a/vault/core_test.go
+++ b/vault/core_test.go
@@ -12,38 +12,6 @@ var (
 	invalidKey = []byte("abcdefghijklmnopqrstuvwxyz")[:17]
 )
 
-func testCore(t *testing.T) *Core {
-	inm := physical.NewInmem()
-	conf := &CoreConfig{Physical: inm}
-	c, err := NewCore(conf)
-	if err != nil {
-		t.Fatalf("err: %v", err)
-	}
-	return c
-}
-
-func testUnsealedCore(t *testing.T) (*Core, []byte) {
-	c := testCore(t)
-	sealConf := &SealConfig{
-		SecretShares:    1,
-		SecretThreshold: 1,
-	}
-	res, err := c.Initialize(sealConf)
-	if err != nil {
-		t.Fatalf("err: %v", err)
-	}
-	master := make([]byte, len(res.SecretShares[0]))
-	copy(master, res.SecretShares[0])
-	unseal, err := c.Unseal(res.SecretShares[0])
-	if err != nil {
-		t.Fatalf("err: %v", err)
-	}
-	if !unseal {
-		t.Fatalf("should be unsealed")
-	}
-	return c, master
-}
-
 func TestCore_Init(t *testing.T) {
 	inm := physical.NewInmem()
 	conf := &CoreConfig{Physical: inm}
@@ -137,7 +105,7 @@ func TestCore_Init(t *testing.T) {
 }
 
 func TestCore_Init_MultiShare(t *testing.T) {
-	c := testCore(t)
+	c := TestCore(t)
 	sealConf := &SealConfig{
 		SecretShares:    5,
 		SecretThreshold: 3,
@@ -162,7 +130,7 @@ func TestCore_Init_MultiShare(t *testing.T) {
 }
 
 func TestCore_Unseal_MultiShare(t *testing.T) {
-	c := testCore(t)
+	c := TestCore(t)
 
 	_, err := c.Unseal(invalidKey)
 	if err != ErrNotInit {
@@ -247,7 +215,7 @@ func TestCore_Unseal_MultiShare(t *testing.T) {
 }
 
 func TestCore_Unseal_Single(t *testing.T) {
-	c := testCore(t)
+	c := TestCore(t)
 
 	_, err := c.Unseal(invalidKey)
 	if err != ErrNotInit {
@@ -297,7 +265,7 @@ func TestCore_Unseal_Single(t *testing.T) {
 }
 
 func TestCore_Route_Sealed(t *testing.T) {
-	c := testCore(t)
+	c := TestCore(t)
 	sealConf := &SealConfig{
 		SecretShares:    1,
 		SecretThreshold: 1,
@@ -335,7 +303,7 @@ func TestCore_Route_Sealed(t *testing.T) {
 
 // Attempt to unseal after doing a first seal
 func TestCore_SealUnseal(t *testing.T) {
-	c, key := testUnsealedCore(t)
+	c, key := TestCoreUnsealed(t)
 	if err := c.Seal(); err != nil {
 		t.Fatalf("err: %v", err)
 	}
diff --git a/vault/mount_test.go b/vault/mount_test.go
index 2ec943b70..710f4ae06 100644
--- a/vault/mount_test.go
+++ b/vault/mount_test.go
@@ -6,7 +6,7 @@ import (
 )
 
 func TestCore_DefaultMountTable(t *testing.T) {
-	c, key := testUnsealedCore(t)
+	c, key := TestCoreUnsealed(t)
 	verifyDefaultTable(t, c.mounts)
 
 	// Start a second core with same physical
@@ -30,7 +30,7 @@ func TestCore_DefaultMountTable(t *testing.T) {
 }
 
 func TestCore_Mount(t *testing.T) {
-	c, key := testUnsealedCore(t)
+	c, key := TestCoreUnsealed(t)
 	me := &MountEntry{
 		Path: "foo",
 		Type: "generic",
@@ -65,7 +65,7 @@ func TestCore_Mount(t *testing.T) {
 }
 
 func TestCore_Unmount(t *testing.T) {
-	c, key := testUnsealedCore(t)
+	c, key := TestCoreUnsealed(t)
 	err := c.Unmount("secret")
 	if err != nil {
 		t.Fatalf("err: %v", err)
@@ -96,7 +96,7 @@ func TestCore_Unmount(t *testing.T) {
 }
 
 func TestCore_Remount(t *testing.T) {
-	c, key := testUnsealedCore(t)
+	c, key := TestCoreUnsealed(t)
 	err := c.Remount("secret", "foo")
 	if err != nil {
 		t.Fatalf("err: %v", err)
@@ -127,7 +127,7 @@ func TestCore_Remount(t *testing.T) {
 }
 
 func TestCore_Remount_Protected(t *testing.T) {
-	c, _ := testUnsealedCore(t)
+	c, _ := TestCoreUnsealed(t)
 	err := c.Remount("sys", "foo")
 	if err.Error() != "cannot remount 'sys/'" {
 		t.Fatalf("err: %v", err)
diff --git a/vault/system_test.go b/vault/system_test.go
index 9ac6e077d..60adc7ecb 100644
--- a/vault/system_test.go
+++ b/vault/system_test.go
@@ -6,7 +6,7 @@ import (
 )
 
 func testSystem(t *testing.T) *SystemBackend {
-	c, _ := testUnsealedCore(t)
+	c, _ := TestCoreUnsealed(t)
 	return &SystemBackend{c}
 }
 
diff --git a/vault/testing.go b/vault/testing.go
index 7bf93c6d0..28d5111fa 100644
--- a/vault/testing.go
+++ b/vault/testing.go
@@ -24,7 +24,7 @@ func TestCore(t *testing.T) *Core {
 
 // TestCoreInit initializes the core with a single key, and returns
 // the list of keys that must be used to unseal the core.
-func TestCoreInit(t *testing.T, core *Core) [][]byte {
+func TestCoreInit(t *testing.T, core *Core) []byte {
 	result, err := core.Initialize(&SealConfig{
 		SecretShares:    1,
 		SecretThreshold: 1,
@@ -33,5 +33,25 @@ func TestCoreInit(t *testing.T, core *Core) [][]byte {
 		t.Fatalf("err: %s", err)
 	}
 
-	return result.SecretShares
+	return result.SecretShares[0]
+}
+
+// TestCoreUnsealed returns a pure in-memory core that is already
+// initialized and unsealed.
+func TestCoreUnsealed(t *testing.T) (*Core, []byte) {
+	core := TestCore(t)
+	key := TestCoreInit(t, core)
+	if _, err := core.Unseal(key); err != nil {
+		t.Fatalf("unseal err: %s", err)
+	}
+
+	sealed, err := core.Sealed()
+	if err != nil {
+		t.Fatalf("err checking seal status: %s", err)
+	}
+	if sealed {
+		t.Fatal("should not be sealed")
+	}
+
+	return core, key
 }