[l33t2328]

This is not generally true. You can easily imagine a cryptosystem where having a decryption Oracle does not give the key.

The fact that it is so easy to get the key given a decryption oracle for OTP just tells us that it’s really easy to show that it’s not CCA secure. The definition of CCA secure allows a decryption oracle with the same key as the challenge ciphertext.

[Robotbeat]

Being a one-time pad makes it irrelevant if you get the key. So it’s CCA secure because you never reuse the pad. You’ve gathered no useful information, ie you’ve only gathered noise that has no use.

[l33t2328]

It is not CCA secure because an adversary with access to a decryption oracle may get the key that was used to encrypt a challenge ciphertext via the method I’ve described.

In the CCA experiment, the oracle uses the same key as the challenge ciphertext.

[Robotbeat]

But the OTP is still secure against that attack because the “key” is never reused. It is literally just noise, no useful information whatsoever.

[l33t2328]

It isn’t secure against the attack because the oracle uses the same key.

The oracle is a tool used to formalize our definition. You’re right that the fact that OTP isn’t CCA secure doesn’t matter in practice because the key is only used for one message so such an oracle doesn’t generally exist.