For Oracle TDE, there is both the option to add salt to plaintext (by default) or to ignore salt (using the NO SALT) parameter.
Regarding your questions:
If you want to have the option to query the data at will, with or without encryption and without depending of a wallet, you can use DBMS_CRYPTO in a package to store the data using function to encrypt or decrypt at will. You have a good example of this last point here
https://oracle-base.com/articles/10g/database-security-enhancements-10g#dbms_crypto