FIPS-enabled Safenet HSMs use a different Initialization Vector from non-FIPS-enabled ones. Enabling this will require major changes in our KeySafe implementation. Note that our current KeySafe implementation is FIPS compliant even without a FIPS compliant HSM. We are aware of the customer requirement to support FIPS-enabled HSMs, and will consider it for future roadmap.