How can I use revisions to avoid invalidating digital signatures in a PDF?

Question

Using Acrobat 9, if I sign a PDF using a self-signed certificate and then edit the PDF after I sign it, Acrobat will inform me that there is a valid signature on the document but that the document also has unsigned changes. If I then sign the PDF again and look in the signature panel, it will show the first signed revision with a valid signature, notate that changes were made after the first revision was signed and then show a second signed revision with a valid signature.

I am trying to duplicate that behavior using iTextSharp. In code, I create a PDF and sign it. Then, I edit the PDF and sign it again. When I open the document in Acrobat, it shows both revisions but marks the first revision as an invalid signature because the document was altered. From what I can gather, I think iTextSharp is signing the entire document rather than just the first revision inside that document. I have set the Append parameter to true in both the PdfStamper and PdfSignatureAppearance constructors, but it does not seem to have any effect.

Since I can get the desired result using Acrobat, I am assuming I am just not using iTextSharp correctly. Can anyone shed some light on this?

Answer 1

Adobe does this with layers I suppose. Each revision of the PDF is probably placed in a different layer and then signed. If iText supports layers, you may be able to do it in a similar way.

Answer 2

You have to update the existing PDF instead of rewriting it entirely. Set the following attributes to true to enable updating.

PdfReader reader;
...
reader.Appendable = true;