Safe(r) than just sending it in the clear so the server can read it, probably. However, if your server gets compromised, the JS code doing the crypto can easily be replaced to just return the results in plaintext... in which case you're still doing SSL, so good job, but the CC#s are vulnerable to whoever wishes to sniff them on the server, which is pretty much how most online systems work anyway.
Couldn't hurt to use asymmetric encryption using the provider's public key, but just beware that without packaging/signing the crypto code, it's a toss-up whether or not it's actually there.
Edit: if it's absolutely imperative that the server not be able to read the message, then not packaging all the code is unsafe. However, if the server not being able to read the message is nice to have but non-essential, then by all means, run your code in a webapp.
Thanks. I'd use a browser extension, and also constrain what gets sent to the server.
If the server was really compromised, it could just copy the CC# into another field in the form (so it gets sent twice, encrypted and unencrypted) - and the server would get the data without having to change the JS. Integrity checks would not turn anything up. A properly paranoid browser extension should have a specified format for sending a form, so that no extra information is leaked.
In my case it's bids rather than CC#s, though the same pattern holds of encrypting with the tender creator's public key.
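The "specified format" idea from the reply above, sketched as an added example (not code from the thread): the extension checks everything the form is about to send against a fixed envelope, so a duplicated plaintext field is rejected before submission. The field names, the `pinned` values and the sample data are assumptions constructed for illustration.

```javascript
// Fields the extension permits in a submission (hypothetical names).
const ALLOWED = ["tender_id", "key_id", "ciphertext"];
const BASE64 = /^[A-Za-z0-9+/]+={0,2}$/;

// fields:     name -> value map of everything the form would send
// pinned:     values the extension already trusts (tender id, key fingerprint)
// ciphertext: output of the extension's own encryption step, not the page's
function checkOutgoingForm(fields, pinned, ciphertext) {
  const errors = [];
  // Reject anything outside the envelope, e.g. a copied plaintext field.
  for (const name of Object.keys(fields)) {
    if (!ALLOWED.includes(name)) errors.push(`unexpected field: ${name}`);
  }
  for (const name of ALLOWED) {
    if (typeof fields[name] !== "string") errors.push(`missing field: ${name}`);
  }
  // Non-secret fields must equal the pinned values exactly, so the page
  // cannot use them to carry extra data.
  for (const name of ["tender_id", "key_id"]) {
    if (typeof fields[name] === "string" && fields[name] !== pinned[name]) {
      errors.push(`altered field: ${name}`);
    }
  }
  // The only free-form value is the ciphertext the extension produced itself.
  if (typeof fields.ciphertext === "string" &&
      (!BASE64.test(ciphertext) || fields.ciphertext !== ciphertext)) {
    errors.push("altered field: ciphertext");
  }
  return { ok: errors.length === 0, errors };
}

// Constructed sample data.
const pinned = { tender_id: "tender-0042", key_id: "a1b2c3d4e5f60718" };
const ciphertext = "q83vEjRWeJCrze8SNFZ4kKvN7xI0VniQq83vEjRWeJA=";
const honest = { ...pinned, ciphertext };
const tampered = { ...honest, bid_copy: "125000" }; // plaintext sent twice

console.log(checkOutgoingForm(honest, pinned, ciphertext));
console.log(checkOutgoingForm(tampered, pinned, ciphertext));
```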