diff -ur mbedtls.orig/include/mbedtls/check_config.h mbedtls/include/mbedtls/check_config.h
--- mbedtls.orig/include/mbedtls/check_config.h    2026-04-02 17:26:31.906276356 +0200
+++ mbedtls/include/mbedtls/check_config.h    2026-04-02 17:27:29.374384448 +0200
@@ -247,9 +247,10 @@
 #if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) &&  !defined(MBEDTLS_HAS_MEMSAN)
 #error "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN requires building with MemorySanitizer"
 #endif
-#if defined(MBEDTLS_HAS_MEMSAN) && defined(MBEDTLS_HAVE_ASM)
-#error "MemorySanitizer does not support assembly implementation"
-#endif
+// skip this check for now because V test-self need a `fsanitizer`
+//#if defined(MBEDTLS_HAS_MEMSAN) && defined(MBEDTLS_HAVE_ASM)
+//#error "MemorySanitizer does not support assembly implementation"
+//#endif
 #undef MBEDTLS_HAS_MEMSAN // temporary macro defined above
 
 #if defined(MBEDTLS_CCM_C) && \
diff -ur mbedtls.orig/include/mbedtls/mbedtls_config.h mbedtls/include/mbedtls/mbedtls_config.h
--- mbedtls.orig/include/mbedtls/mbedtls_config.h    2026-04-02 17:26:31.910276365 +0200
+++ mbedtls/include/mbedtls/mbedtls_config.h    2026-04-02 17:27:29.374384448 +0200
@@ -4435,3 +4435,28 @@
 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN     512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
 
 /** \} name SECTION: Module configuration options */
+
+
+#if defined(__TINYC__)
+#undef MBEDTLS_HAVE_ASM
+#undef MBEDTLS_AESNI_C
+#undef MBEDTLS_PADLOCK_C
+#else // __TINYC__
+#define MBEDTLS_HAVE_ASM
+#define MBEDTLS_AESNI_C
+#define MBEDTLS_PADLOCK_C
+#endif // __TINYC__
+
+#if ( defined(__linux__) || defined(__FreeBSD__) ) || defined (__OpenBSD__) || defined(__APPLE__)
+#define MBEDTLS_THREADING_PTHREAD
+#define MBEDTLS_THREADING_C
+#elif defined(_WIN32)
+// Windows has no pthreads; the mutex callbacks are provided via
+// MBEDTLS_THREADING_ALT (see vlib/net/mbedtls/mbedtls_threading.h, installed by
+// mbedtls_threading_set_alt() from the net.mbedtls module init()).
+#define MBEDTLS_THREADING_ALT
+#define MBEDTLS_THREADING_C
+#else
+#undef MBEDTLS_THREADING_PTHREAD
+#undef MBEDTLS_THREADING_C
+#endif
diff -ur mbedtls.orig/include/mbedtls/threading_alt.h mbedtls/include/mbedtls/threading_alt.h
--- mbedtls.orig/include/mbedtls/threading_alt.h    1970-01-01 00:00:00.000000000 +0000
+++ mbedtls/include/mbedtls/threading_alt.h    2026-06-12 00:00:00.000000000 +0000
@@ -0,0 +1,20 @@
+/*
+ * threading_alt.h - mbedtls_threading_mutex_t for MBEDTLS_THREADING_ALT.
+ *
+ * V provides this on Windows (which has no pthreads) so that
+ * MBEDTLS_THREADING_C can be enabled. The mutex is a Win32 CRITICAL_SECTION;
+ * the callbacks that operate on it live in
+ * vlib/net/mbedtls/mbedtls_threading.h and are installed once at startup via
+ * mbedtls_threading_set_alt() from the net.mbedtls module init().
+ */
+#ifndef MBEDTLS_THREADING_ALT_H
+#define MBEDTLS_THREADING_ALT_H
+
+#include <windows.h>
+
+typedef struct mbedtls_threading_mutex_t {
+    CRITICAL_SECTION cs;
+    char is_valid;
+} mbedtls_threading_mutex_t;
+
+#endif /* MBEDTLS_THREADING_ALT_H */
diff -ur mbedtls.orig/library/alignment.h mbedtls/library/alignment.h
--- mbedtls.orig/library/alignment.h    2026-04-02 17:26:31.918276380 +0200
+++ mbedtls/library/alignment.h    2026-04-02 17:30:51.350689732 +0200
@@ -280,7 +280,7 @@
 /*
  * Detect GCC built-in byteswap routines
  */
-#if defined(__GNUC__)
+#if defined(__GNUC__) && !defined(__TINYC__)
 #if MBEDTLS_GCC_VERSION >= 40800
 #define MBEDTLS_BSWAP16 __builtin_bswap16
 #endif
@@ -293,7 +293,7 @@
 /*
  * Detect Clang built-in byteswap routines
  */
-#if defined(__clang__) && defined(__has_builtin)
+#if defined(__clang__) && defined(__has_builtin) && !defined(__TINYC__)
 #if __has_builtin(__builtin_bswap16) && !defined(MBEDTLS_BSWAP16)
 #define MBEDTLS_BSWAP16 __builtin_bswap16
 #endif /* __has_builtin(__builtin_bswap16) */
diff -ur mbedtls.orig/library/entropy_poll.c mbedtls/library/entropy_poll.c
--- mbedtls.orig/library/entropy_poll.c    2026-04-02 17:26:31.922276388 +0200
+++ mbedtls/library/entropy_poll.c    2026-04-02 17:27:29.374384448 +0200
@@ -38,35 +38,36 @@
 
 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
 
+// fallback to 3.3.0 implmentation, as 3.6.5 need a high version of Windows SDK
+#if !defined(_WIN32_WINNT)
+#define _WIN32_WINNT 0x0400
+#endif
 #include <windows.h>
-#include <bcrypt.h>
-#include <intsafe.h>
+#include <wincrypt.h>
 
-int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
-                                  size_t *olen)
+int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
+                           size_t *olen )
 {
+    HCRYPTPROV provider;
     ((void) data);
     *olen = 0;
 
-    /*
-     * BCryptGenRandom takes ULONG for size, which is smaller than size_t on
-     * 64-bit Windows platforms. Extract entropy in chunks of len (dependent
-     * on ULONG_MAX) size.
-     */
-    while (len != 0) {
-        unsigned long ulong_bytes =
-            (len > ULONG_MAX) ? ULONG_MAX : (unsigned long) len;
-
-        if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, ulong_bytes,
-                                            BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
-            return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
-        }
+    if( CryptAcquireContext( &provider, NULL, NULL,
+                              PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
+    {
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+    }
 
-        *olen += ulong_bytes;
-        len -= ulong_bytes;
+    if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
+    {
+        CryptReleaseContext( provider, 0 );
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
     }
 
-    return 0;
+    CryptReleaseContext( provider, 0 );
+    *olen = len;
+
+    return( 0 );
 }
 #else /* _WIN32 && !EFIX64 && !EFI32 */
 
diff -ur mbedtls.orig/library/pk.c mbedtls/library/pk.c
--- mbedtls.orig/library/pk.c    2026-04-02 17:26:31.926276396 +0200
+++ mbedtls/library/pk.c    2026-04-02 17:27:29.374384448 +0200
@@ -1336,6 +1336,7 @@
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
 
+    if (ctx == NULL) return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     if (ctx->pk_info == NULL || pk_hashlen_helper(md_alg, &hash_len) != 0) {
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
diff -ur mbedtls.orig/library/platform_util.c mbedtls/library/platform_util.c
--- mbedtls.orig/library/platform_util.c    2026-04-02 17:26:31.926276396 +0200
+++ mbedtls/library/platform_util.c    2026-04-02 17:27:29.374384448 +0200
@@ -87,7 +87,7 @@
  */
 #if !defined(MBEDTLS_PLATFORM_HAS_EXPLICIT_BZERO) && !(defined(__STDC_LIB_EXT1__) && \
     !defined(__IAR_SYSTEMS_ICC__)) \
-    && !defined(_WIN32)
+    && !(defined(_WIN32) && !defined(__TINYC__))
 static void *(*const volatile memset_func)(void *, int, size_t) = memset;
 #endif
 
@@ -107,7 +107,8 @@
 #endif
 #elif defined(__STDC_LIB_EXT1__) && !defined(__IAR_SYSTEMS_ICC__)
         memset_s(buf, len, 0, len);
-#elif defined(_WIN32)
+#elif defined(_WIN32) && !defined(__TINYC__)
+        /* tcc has a bad implementation of `SecureZeroMemory` */
         SecureZeroMemory(buf, len);
 #else
         memset_func(buf, 0, len);
diff -ur mbedtls.orig/library/ssl_misc.h mbedtls/library/ssl_misc.h
--- mbedtls.orig/library/ssl_misc.h    2026-04-02 17:26:31.934276411 +0200
+++ mbedtls/library/ssl_misc.h    2026-04-02 17:27:29.374384448 +0200
@@ -1674,26 +1674,30 @@
 {
     mbedtls_ssl_key_cert *key_cert;
 
+    if (ssl == NULL) return NULL;
     if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) {
         key_cert = ssl->handshake->key_cert;
     } else {
+        if (ssl->conf == NULL) return NULL;
         key_cert = ssl->conf->key_cert;
     }
-
-    return key_cert == NULL ? NULL : key_cert->key;
+    if (key_cert == NULL) return NULL;
+    return key_cert->key;
 }
 
 static inline mbedtls_x509_crt *mbedtls_ssl_own_cert(mbedtls_ssl_context *ssl)
 {
     mbedtls_ssl_key_cert *key_cert;
 
+    if (ssl == NULL) return NULL;
     if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) {
         key_cert = ssl->handshake->key_cert;
     } else {
+        if (ssl->conf == NULL) return NULL;
         key_cert = ssl->conf->key_cert;
     }
-
-    return key_cert == NULL ? NULL : key_cert->cert;
+    if (key_cert == NULL) return NULL;
+    return key_cert->cert;
 }
 
 /*
diff -ur mbedtls.orig/library/ssl_tls.c mbedtls/library/ssl_tls.c
--- mbedtls.orig/library/ssl_tls.c    2026-04-02 17:26:31.938276419 +0200
+++ mbedtls/library/ssl_tls.c    2026-04-02 17:27:29.374384448 +0200
@@ -4563,8 +4563,8 @@
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    if (ssl            == NULL                       ||
-        ssl->conf      == NULL                       ||
+    if (ssl == NULL) return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    if (ssl->conf      == NULL                       ||
         ssl->handshake == NULL                       ||
         ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) {
         return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
@@ -4653,10 +4653,8 @@
     int ret = 0;
 
     /* Sanity checks */
-
-    if (ssl == NULL || ssl->conf == NULL) {
-        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
-    }
+    if (ssl == NULL) return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    if (ssl->conf == NULL) return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
     if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
diff -ur mbedtls.orig/library/ssl_tls12_client.c mbedtls/library/ssl_tls12_client.c
--- mbedtls.orig/library/ssl_tls12_client.c    2026-04-02 17:26:31.940276423 +0200
+++ mbedtls/library/ssl_tls12_client.c    2026-04-02 17:27:29.374384448 +0200
@@ -13,6 +13,7 @@
 
 #include "mbedtls/ssl.h"
 #include "ssl_client.h"
+#include "ssl_debug_helpers.h"
 #include "ssl_misc.h"
 #include "debug_internal.h"
 #include "mbedtls/error.h"
@@ -2087,32 +2088,73 @@ static int ssl_parse_signature_algorithm(mbedtls_ssl_context *ssl,
 {
     if (mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg(sig_alg, pk_alg, md_alg) != 0) {
         MBEDTLS_SSL_DEBUG_MSG(1,
-                              ("Server used unsupported value in SigAlg extension 0x%04x",
-                               sig_alg));
+                              ("Server used unsupported %s signature algorithm",
+                               mbedtls_ssl_sig_alg_to_str(sig_alg)));
         return MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER;
     }
 
     /*
-     * mbedtls_ssl_get_pk_sigalg_and_md_alg_from_sig_alg() understands sig_alg code points across
-     * TLS versions. Make sure that the received sig_alg extension is valid in TLS 1.2.
+     * mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg() understands
+     * signature algorithm code points from both TLS 1.2 and TLS 1.3. Make sure
+     * that the selected signature algorithm is acceptable when TLS 1.2 is
+     * negotiated.
+     *
+     * In TLS 1.2, RSA-PSS signature algorithms (rsa_pss_rsae_*) are not
+     * defined by RFC 5246. However, RFC 8446 Section 4.2.3 requires that
+     * implementations which advertise support for RSASSA-PSS must be
+     * prepared to accept such signatures even when TLS 1.2 is negotiated,
+     * provided they were offered in the signature_algorithms extension.
+     *
+     * Therefore, we allow rsa_pss_rsae_* here if:
+     *  - the implementation supports them, and
+     *  - they were offered in the signature_algorithms extension (checked by
+     *    `mbedtls_ssl_sig_alg_is_offered()` below).
+     *
+     * If we were to add full support for rsa_pss_rsae_* signature algorithms
+     * in TLS 1.2, we should then integrate RSA-PSS into the TLS 1.2 signature
+     * algorithm support logic (`mbedtls_ssl_tls12_sig_alg_is_supported()`)
+     * instead of handling it as a special case here.
      */
     if (!mbedtls_ssl_sig_alg_is_supported(ssl, sig_alg)) {
-        MBEDTLS_SSL_DEBUG_MSG(1,
-                              ("Server used unsupported value in SigAlg extension 0x%04x",
-                               sig_alg));
-        return MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER;
+        switch (sig_alg) {
+#if defined(PSA_WANT_ALG_RSA_PSS)
+#if defined(PSA_WANT_ALG_SHA_256)
+            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
+#endif
+#if defined(PSA_WANT_ALG_SHA_384)
+            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
+#endif
+#if defined(PSA_WANT_ALG_SHA_512)
+            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
+#endif
+#if defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384) || defined(PSA_WANT_ALG_SHA_512)
+        MBEDTLS_SSL_DEBUG_MSG(3,
+                              (
+                                  "Accepting TLS 1.2 RSA-PSS signature algorithm %s via compatibility exception",
+                                  mbedtls_ssl_sig_alg_to_str(sig_alg)));
+        break;
+#endif
+#endif /* PSA_WANT_ALG_RSA_PSS */
+            default:
+                MBEDTLS_SSL_DEBUG_MSG(1,
+                                      ("Server used unsupported %s signature algorithm",
+                                       mbedtls_ssl_sig_alg_to_str(sig_alg)));
+                return MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER;
+        }
     }
 
     /*
      * Check if the signature algorithm is acceptable
      */
     if (!mbedtls_ssl_sig_alg_is_offered(ssl, sig_alg)) {
-        MBEDTLS_SSL_DEBUG_MSG(1, ("Server used SigAlg value 0x%04x that was not offered", sig_alg));
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("Server used the signature algorithm %s that was not offered",
+                               mbedtls_ssl_sig_alg_to_str(sig_alg)));
         return MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER;
     }
 
-    MBEDTLS_SSL_DEBUG_MSG(2, ("Server used SignatureAlgorithm %d", sig_alg & 0x00FF));
-    MBEDTLS_SSL_DEBUG_MSG(2, ("Server used HashAlgorithm %d", sig_alg >> 8));
+    MBEDTLS_SSL_DEBUG_MSG(2, ("Server used the signature algorithm %s",
+                              mbedtls_ssl_sig_alg_to_str(sig_alg)));
 
     return 0;
 }