Removing signature on Tor Browser .exe should result in SHA256 value listed in sha256sums.txt
Since #3861 (closed) landed we do the authenticode code-signing for Windows Tor Browser .exe files. In order to compare these files with the ones we built deterministically we need to strip its signature. It turns out that this works using e.g. osslsigncode but (surprise!) one does not get the same SHA256 sum back.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information