...
Each KFS schema has the EncryptionService included. Encryption on the database is used only for 2 reasons - the data mart and the cleanse process. The data mart only uses the production schemas. The cleanse process is only used in non-production schemas. The encryption service in oracle is referenced through a function, decrypt_string(). The encrypted field is passed to the decrypt_string function.
EncryptionService
The EncryptionService class is a java class stored inside of Oracle. Oracle refers to this as a Java object. The type is class. This class is a copy of the AesEncryptionServiceImpl class, slightly modified in order to minimalize the dependencies and remove any dependencies not available from the Oracle version of Java.
Calling the EncryptionService
The EncryptionService class is referenced by calling a function, decrypt_string and passing the column that needs to be decrypted. For example,
select bnk_cd, decrypt_string(bnk_acct_nbr) from fp_bank_t;
Java objects
The EncyrptionService class requires one important dependency not available from the Oracle Java libraries. This is the Base64 class from the Apache commons codec library. Therefore this class must be loaded into the Oracle schema in order for the EncryptionService to funtion.
apache commons
loading java objects
...