Please be aware that the original poster was referring to a community extension for content encryption, NOT the Alfresco Encrypted Content Store feature. So anything that Professional Services have done or what may be documented by Alfresco might not be applicable in this case. Also, as a disclaimer: I am the developer of said community extension. The documentation for this store is in the following Markdown document within the project itself: https://github.com/Acosix/alfresco-simple-content-stores/blob/master/docs/EncryptingStore.md
Now, as to the original question: With the encrypted content store of the alfresco-simple-content-stores addon, it is not necessary and frankly not supported to encrypt existing content with an external program. Doing so will break access to the content. If a piece of content in the content store is not associated with an encryption key in the Alfresco database, it will be read as-is, so if it is unencrypted on disk and no key is associated in the DB, it will be fully readable. But if you mess with that constellation, e.g. encrypt it on disk without Alfresco having a key associated in the DB, it will be read (and e.g. downloaded) as the encrypted, garbled content.
There currently is no feature to encrypt existing content in-place after the extension has been added / enabled. Depending on how other content stores or content store facades have been configured, various means may exist to encrypt the content. The simplest and potentially cleanes may be to use a property-based routing store facade in front of the encrypting content store (and have a secondary, unencrypted content store as the default with the existing content), and then simply set the configured selector property on the nodes you wish to have encrypted. By setting the property, alfresco-simple-content-stores will copy the existing content from the default content store into the encrypted content store, transparently encrypting it in the process. The old content will be marked as orphaned and cleaned up by Alfresco automatically after the configured orphan time has passed. Important in this setup is that the default and encrypted content stores have configured, unique "protocols", so that the content URLs in Alfresco are unique - this is required to ensure orphan handling works correctly. The selector property content store facade is documented in https://github.com/Acosix/alfresco-simple-content-stores/blob/master/docs/SelectorPropertyStore.md