Enabled Certificate transparency cache

app/src/main/java/eu/faircode/email/EmailService.java

@@ -454,7 +454,9 @@ public class EmailService implements AutoCloseable {
             boolean bc = prefs.getBoolean("bouncy_castle", false);
             boolean fips = prefs.getBoolean("bc_fips", false);
             factory = new SSLSocketFactoryService(
-                    host, insecure, ssl_harden, strict, cert_strict, cert_transparency, check_names, bc, fips, key, chain, fingerprint);
+                    context, host, insecure,
+                    ssl_harden, strict, cert_strict, cert_transparency, check_names,
+                    bc, fips, key, chain, fingerprint);
             properties.put("mail." + protocol + ".ssl.socketFactory", factory);
             properties.put("mail." + protocol + ".socketFactory.fallback", "false");
             properties.put("mail." + protocol + ".ssl.checkserveridentity", "false");
@@ -1040,7 +1042,7 @@ public class EmailService implements AutoCloseable {
         private SSLSocketFactory factory;
         private X509Certificate certificate;
 
-        SSLSocketFactoryService(String host, boolean insecure,
+        SSLSocketFactoryService(Context context, String host, boolean insecure,
                                 boolean ssl_harden, boolean ssl_harden_strict, boolean cert_strict, boolean cert_transparency, boolean check_names,
                                 boolean bc, boolean fips,
                                 PrivateKey key, X509Certificate[] chain, String fingerprint) throws GeneralSecurityException {
@@ -1050,7 +1052,8 @@ public class EmailService implements AutoCloseable {
             this.ssl_harden_strict = ssl_harden_strict;
             this.trustedFingerprint = fingerprint;
 
-            TrustManager[] tms = SSLHelper.getTrustManagers(server, secure, cert_strict, cert_transparency, check_names, trustedFingerprint,
+            TrustManager[] tms = SSLHelper.getTrustManagers(
+                    context, server, secure, cert_strict, cert_transparency, check_names, trustedFingerprint,
                     new SSLHelper.ITrust() {
                         @Override
                         public void checkServerTrusted(X509Certificate[] chain) {

app/src/main/java/eu/faircode/email/SSLHelper.java

@@ -1,5 +1,6 @@
 package eu.faircode.email;
 
+import android.content.Context;
 import android.text.TextUtils;
 
 import androidx.annotation.NonNull;
@@ -7,6 +8,7 @@ import androidx.annotation.NonNull;
 import com.appmattus.certificatetransparency.CTLogger;
 import com.appmattus.certificatetransparency.CTTrustManagerBuilder;
 import com.appmattus.certificatetransparency.VerificationResult;
+import com.appmattus.certificatetransparency.cache.AndroidDiskCache;
 
 import java.net.InetAddress;
 import java.net.UnknownHostException;
@@ -25,7 +27,7 @@ import javax.net.ssl.X509TrustManager;
 
 public class SSLHelper {
     static TrustManager[] getTrustManagers(
-            String server, boolean secure, boolean cert_strict, boolean transparency, boolean check_names, String trustedFingerprint, ITrust intf) {
+            Context context, String server, boolean secure, boolean cert_strict, boolean transparency, boolean check_names, String trustedFingerprint, ITrust intf) {
         TrustManagerFactory tmf;
         try {
             tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
@@ -55,7 +57,10 @@ public class SSLHelper {
         };
 
         final X509TrustManager rtm = (transparency
-                ? new CTTrustManagerBuilder((X509TrustManager) tms[0]).setLogger(logger).build()
+                ? new CTTrustManagerBuilder((X509TrustManager) tms[0])
+                .setDiskCache(new AndroidDiskCache(context))
+                .setLogger(logger)
+                .build()
                 : (X509TrustManager) tms[0]);
 
         return new TrustManager[]{new X509TrustManager() {