Encryption storage wrapper is enabled by default - necessary to detect encrypted files even if encryption was disabled after files have been encrypted - prevents data corruption

lib/base.php

@@ -701,10 +701,7 @@ class OC {
 	}
 
 	private static function registerEncryptionWrapper() {
-		$enabled = self::$server->getEncryptionManager()->isEnabled();
-		if ($enabled) {
-			\OCP\Util::connectHook('OC_Filesystem', 'setup', 'OC\Encryption\Manager', 'setupStorage');
-		}
+		\OCP\Util::connectHook('OC_Filesystem', 'setup', 'OC\Encryption\Manager', 'setupStorage');
 	}
 
 	private static function registerEncryptionHooks() {

lib/private/files/storage/wrapper/encryption.php

@@ -229,13 +229,17 @@ class Encryption extends Wrapper {
 		$encryptionModuleId = $this->util->getEncryptionModuleId($header);
 
 		$size = $unencryptedSize = 0;
-		if ($this->file_exists($path)) {
+		$targetExists = $this->file_exists($path);
+		$targetIsEncrypted = false;
+		if ($targetExists) {
 			// in case the file exists we require the explicit module as
 			// specified in the file header - otherwise we need to fail hard to
 			// prevent data loss on client side
 			if (!empty($encryptionModuleId)) {
+				$targetIsEncrypted = true;
 				$encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId);
 			}
+
 			$size = $this->storage->filesize($path);
 			$unencryptedSize = $this->filesize($path);
 		}
@@ -266,6 +270,14 @@ class Encryption extends Wrapper {
 				'" not found, file will be stored unencrypted');
 		}
 
+		// encryption disabled on write of new file and write to existing unencrypted file -> don't encrypt
+		$encEnabled = $this->encryptionManager->isEnabled();
+		if (!$encEnabled ) {
+			if (!$targetExists || !$targetIsEncrypted) {
+				$shouldEncrypt = false;
+			}
+		}
+
 		if($shouldEncrypt === true && !$this->util->isExcluded($fullPath) && $encryptionModule !== null) {
 			$source = $this->storage->fopen($path, $mode);
 			$handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header,