Fix isUserAddedCertificate

Check if the CA is in the user store directly instead of delegating to
the TrustManager. This removes one more reflection dependency between
X509TrustManagerExtensions and the default X509TrustManager.

Bug: 28138736
Change-Id: I16c17bf6230becdc0a1948b1d184212f83ee25f0