Add command to compare sha256sums-unsigned-build.txt from local build and downloaded build

For #40997, in order to make it easier to check that a local build is matching the published build, we can add some commands that will:

download published build from archive.tpo
compare sha256sums-unsigned-build.txt and sha256sums-unsigned-build.incrementals.txt from local and downloaded builds
compare signed and unsigned exe files (#41030 (closed))
compare signed and unsigned mar files (#41031 (closed))

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information