How can I use revisions to avoid invalidating digital signatures in a PDF?

Using Acrobat 9, if I sign a PDF using a self-signed certificate and then edit the PDF after I sign it, Acrobat will inform me that there is a valid signature on the document but that the document also has unsigned changes. If I then sign the PDF again and look in the signature panel, it will show the first signed revision with a valid signature, notate that changes were made after the first revision was signed and then show a second signed revis开发者_JAVA技巧ion with a valid signature.

I am trying to duplicate that behavior using iTextSharp. In code, I create a PDF and sign it. Then, I edit the PDF and sign it again. When I open the document in Acrobat, it shows both revisions but marks the first revision as an invalid signature because the document was altered. From what I can gather, I think iTextSharp is signing the entire document rather than just the first revision inside that document. I have set the Append parameter to true in both the PdfStamper and PdfSignatureAppearance constructors, but it does not seem to have any effect.

Since I can get the desired result using Acrobat, I am assuming I am just not using iTextSharp correctly. Can anyone shed some light on this?

You have to update the existing PDF instead of rewriting it entirely. Set the following attributes to true to enable updating.

PdfReader reader;
...
reader.Appendable = true;

Adobe does this with layers I suppose. Each revision of the PDF is probably placed in a different layer and then signed. If iText supports layers, you may be able to do it in a similar way.