1) Is this the correct way to do this?

No, not entirely - you should only encode things that are strings, not binary data.

3) How do I treat the $buffer, in Perl, before I do a POST and GET, assuming the receiver is liberal in what it accepts? Obviously a base64 is safe but under what conditions can I send $unicode_string as is. Will sending $buffer (as is, after treated with Encode) work?

You should encode your data for the request manually unless you are sure that the UserAgent you're using does the encoding and adds the proper Content-Type headers.

4) Is Encode::encode("UTF-8", $sha256) altering my binary data? Is it harmful on strings with binary data?

Yes, it is harmful unless the receiving end expects your data to be UTF-8-encoded.