diff --git a/src/tools/chip-cert/KeyUtils.cpp b/src/tools/chip-cert/KeyUtils.cpp
index 0bfa6e20d5541d..272c54e747bb3a 100644
--- a/src/tools/chip-cert/KeyUtils.cpp
+++ b/src/tools/chip-cert/KeyUtils.cpp
@@ -112,7 +112,7 @@ bool SerializeKeyPair(EVP_PKEY * key, P256SerializedKeypair & serializedKeypair)
     const EC_GROUP * group   = nullptr;
     const EC_KEY * ecKey     = nullptr;
     const EC_POINT * ecPoint = nullptr;
-    uint8_t * pubKey         = serializedKeypair;
+    uint8_t * pubKey         = serializedKeypair.Bytes();
     uint8_t * privKey        = pubKey + kP256_PublicKey_Length;
     size_t pubKeyLen         = 0;
     int privKeyLen           = 0;
@@ -245,10 +245,10 @@ bool WritePrivateKey(const char * fileName, EVP_PKEY * key, KeyFormat keyFmt)
     uint8_t * keyToWrite   = nullptr;
     uint32_t keyToWriteLen = 0;
     P256SerializedKeypair serializedKeypair;
-    uint32_t chipKeyLen       = sizeof(serializedKeypair);
-    uint32_t chipKeyBase64Len = BASE64_ENCODED_LEN(chipKeyLen);
-    std::unique_ptr<uint8_t[]> chipKey(new uint8_t[chipKeyLen]);
-    std::unique_ptr<uint8_t[]> chipKeyBase64(new uint8_t[chipKeyBase64Len]);
+    uint32_t chipKeySize       = serializedKeypair.Capacity();
+    uint32_t chipKeyBase64Size = BASE64_ENCODED_LEN(chipKeySize);
+    std::unique_ptr<uint8_t[]> chipKey(new uint8_t[chipKeySize]);
+    std::unique_ptr<uint8_t[]> chipKeyBase64(new uint8_t[chipKeyBase64Size]);
 
     VerifyOrExit(key != nullptr, res = false);
 
@@ -282,8 +282,10 @@ bool WritePrivateKey(const char * fileName, EVP_PKEY * key, KeyFormat keyFmt)
 
         if (keyFmt == kKeyFormat_Chip_Base64)
         {
-            res = Base64Encode(serializedKeypair, static_cast<uint32_t>(sizeof(serializedKeypair)), chipKeyBase64.get(),
-                               chipKeyBase64Len, chipKeyBase64Len);
+            uint32_t chipKeyBase64Len;
+
+            res = Base64Encode(serializedKeypair.Bytes(), static_cast<uint32_t>(serializedKeypair.Length()), chipKeyBase64.get(),
+                               chipKeyBase64Size, chipKeyBase64Len);
             VerifyTrueOrExit(res);
 
             keyToWrite    = chipKeyBase64.get();
@@ -292,7 +294,7 @@ bool WritePrivateKey(const char * fileName, EVP_PKEY * key, KeyFormat keyFmt)
         else
         {
             keyToWrite    = chipKey.get();
-            keyToWriteLen = chipKeyLen;
+            keyToWriteLen = static_cast<uint32_t>(serializedKeypair.Length());
         }
 
         if (fwrite(keyToWrite, 1, keyToWriteLen, file) != keyToWriteLen)