zHd4 · zHd4 · Jun 24, 2026 · Jun 24, 2026 · Jun 24, 2026 · Jun 24, 2026
diff --git a/app/src/main/java/app/notesr/activity/security/AuthActivityExtension.java b/app/src/main/java/app/notesr/activity/security/AuthActivityExtension.java
@@ -56,10 +56,17 @@ public void authorize() {
             return;
         }
 
-        if (cryptoManager.configure(activity.getApplicationContext(), password)) {
-            onAuthorizationSuccessful();
-        } else {
-            onAuthorizationFailed();
+        try {
+            boolean isAuthorized = cryptoManager.configure(activity.getApplicationContext(),
+                    password);
+
+            if (isAuthorized) {
+                onAuthorizationSuccessful();
+            } else {
+                onAuthorizationFailed();
+            }
+        } catch (IOException e) {
+            throw new RuntimeException(e);
         }
     }
 

diff --git a/core/src/main/java/app/notesr/core/security/crypto/AesCryptorFactory.java b/core/src/main/java/app/notesr/core/security/crypto/AesCryptorFactory.java
@@ -11,7 +11,7 @@
 public final class AesCryptorFactory implements CryptorFactory {
     @Override
     public AesCryptor create(char[] password, Class<? extends AesCryptor> cryptorClass)
-            throws NoSuchAlgorithmException {
+            throws NoSuchAlgorithmException, ReflectiveOperationException {
         byte[] salt = AesCryptor.generatePasswordBasedSalt(password);
 
         try {
@@ -21,7 +21,7 @@ public AesCryptor create(char[] password, Class<? extends AesCryptor> cryptorCla
                  | InstantiationException
                  | InvocationTargetException
                  | NoSuchMethodException e) {
-            throw new RuntimeException(e);
+            throw new ReflectiveOperationException(e);
         }
     }
 }
diff --git a/core/src/main/java/app/notesr/core/security/crypto/CryptoManager.java b/core/src/main/java/app/notesr/core/security/crypto/CryptoManager.java
@@ -58,14 +58,12 @@ public final class CryptoManager {
      * @param context  The application context.
      * @param password The password to use for decryption.
      * @return {@code true} if configuration was successful, {@code false} if decryption failed.
-     * @throws RuntimeException if an unexpected I/O error occurs.
+     * @throws IOException if an I/O error occurs.
      */
-    public boolean configure(Context context, char[] password) {
+    public boolean configure(Context context, char[] password) throws IOException {
         try {
             this.secrets = tryGetSecretsWithFallback(context, password);
             return true;
-        } catch (IOException e) {
-            throw new RuntimeException(e);
         } catch (DecryptionFailedException e) {
             return false;
         }
@@ -217,11 +215,10 @@ public void destroySecrets() {
      * @param context  The application context.
      * @param password The password for decryption.
      * @return The retrieved {@link CryptoSecrets}.
-     * @throws IOException              if an I/O error occurs.
      * @throws DecryptionFailedException if decryption fails with both cryptors.
      */
     private CryptoSecrets tryGetSecretsWithFallback(Context context, char[] password)
-            throws IOException, DecryptionFailedException {
+            throws DecryptionFailedException {
         try {
             return getSecrets(context, password, AesGcmCryptor.class);
         } catch (DecryptionFailedException e) {
@@ -319,6 +316,7 @@ private void setKeyHash(String keyHash) {
 
     /**
      * Removes old key hash file that was in older versions of NoteSR.
+     *
      * @param context application context
      * @throws IOException if failed to delete file
      */