Verify encryption key on startup

[jasonwhite]

There is a danger of using a different encryption key than the one that was originally used to encrypt the LFS objects. Right now, there is no error or warning if the wrong encryption key is used. One might only notice the problem when clients start failing to download LFS objects.

Instead, there should be some metadata associated with the object store that, when decrypted, contains a predefined string. This could then be used to check if the encryption key is valid or not.