Is padding oracle attack applicable to data stored on a DB in AES/CBC/PKCS5Padding?
Specifically I would like to be able to use Postgres with pgcrypto https://www.postgresql.org/docs/13/pgcrypto.html#id-1.11.7.34.9 (that currently not support GCM)
The idea is to achieve totally anonymized data, even in the case where an attacker obtain a dump of the db.
Currently I'm using AES/GCM/NoPadding on the application side, but having the opportunity to decrypt directly on database could be helpful.
