Web apps are cool. Secure web apps are cooler. The W3C WebCrypto working group is developing a crypto API for the DOM. Ultimately, that should let web apps get access to the high-grade crypto that's already in browsers. Unfortunately, that means that web developers can't play with the API until the browser vendors have it implemented.
In the mean time, we're trying to create a pure JavaScript implementation of the WebCrypto API that people can use to get a feel for how they can use the API in practice. This implementation might be useful after the API is in browsers, as a polyfill for non-upgraded browsers. But that's a secondary use case for us, due to the security risks of pure JS crypto. (That's also why we hadn't had HTTPS enabled for this server till recently, as a reminder not to use PolyCrypt when real security is required.)
Our latest release implements a recent draft of the Web Cryptography API from the W3C's WebCrypto working group. Check out our demo page to see it in action.
Adding PolyCrypt to your website is easy:
<script src="http://polycrypt.net/front/polycrypt.js"></script>

function go() {
    var data = new Uint8Array([0x00, 0x01, 0x02, 0x03, 0x04]);
    var op = window.polycrypt.digest("SHA-256", data);
    op.oncomplete = function(e) {
        console.log( "Hash returned: " + e.target.result.toString() );

window.polycrypt.onalive = go;

PolyCrypt is no longer under active development. Source code and sample applications are available on github.
Brought to you by BBN Technologies, with funding from DHS S&T and info support by Intellectsoft.