Web apps are cool. Secure web apps are cooler. The W3C WebCrypto working group is developing a crypto API for the DOM. Ultimately, that should let web apps get access to the high-grade crypto that's already in browsers. Unfortunately, that means that web developers can't play with the API until the browser vendors have it implemented.
In the mean time, we're trying to create a pure JavaScript implementation of the WebCrypto API that people can use to get a feel for how they can use the API in practice. This implementation might be useful after the API is in browsers, as a polyfill for non-upgraded browsers. But that's a secondary use case for us, due to the security risks of pure JS crypto. (That's also why we don't have HTTPS enabled for this server, as a reminder not to use PolyCrypt when real security is required.)
Our latest release implements a recent draft of the Web Cryptography API from the W3C's WebCrypto working group. Check out our demo page to see it in action.
Adding PolyCrypt to your website is easy:
<script src="http://polycrypt.net/polycrypt.js"></script>
<script>

function go() {
    var data = new Uint8Array([0x00, 0x01, 0x02, 0x03, 0x04]);
    
    var op = window.polycrypt.digest("SHA-256", data);
    
    op.oncomplete = function(e) {
        console.log( "Hash returned: " + e.target.result.toString() );
    }
}

window.polycrypt.onalive = go;

</script>
PolyCrypt is currently under active development, and we're looking for other people who would be willing to help. If you would like to contribute, please send us an email.
We are also developing a Firefox extension, FoxyCrypt, that implements the WebCrypto API using Mozilla's NSS cryptographic primitives. You can get the source code and demo apps for the extension on github.
Brought to you by BBN Technologies, with funding from DHS S&T