Hash for installation files

Is this correct. Strangely, I cannot find it anywhere.

shasum -a 256 TorBrowser-12.5.2-macos_ALL.dmg
2564f45bda983d9c0f5718b1e464a3b6001fbc70eda285a2f838def480315529 TorBrowser-12.5.2-macos_ALL.dmg

Hi, I get the same hash for that file.

The proper way to verify what you downloaded is correct is to check the PGP detached signature corresponding to the file you downloaded. You can learn how to do that on this page:

You can find the signature on the same page you downloaded TorBrowser. Just under the “Download for macOS” button, there is a “Signature” link.

This is better than simply checking the hash in case the hash itself may have been tampered with.

Is it possible to get PGP verification on Android? All the guides I’ve seen are for Windows/Mac/Linux