You could do it, but it's horribly messy, as you have probably seen when trying to do it in .NET - which is presumably why you want to move it to SQL so you don't have to think about it!
There is no magic way to do it: It's actually easier to do in .NET rather than SQL because it's range of string manipulations is better, but the principle is the same in either case.
To do it in SQL you have to assemble a SELECT statement as a varchar string, then EXEC the string.
I'm not going to do it for you, because in SQL it's a monolithic CASE WHEN statement, using a prefix to separate clauses:
0) Set the query string to "SELECT <your fields list> FROM <Your table>"
1) Start with the prefix set to " WHERE "
2) Check the first parameter. If it is present, then append the prefix to the query string, then add your parameter data to that. Set the prefix to " AND "
3) Check the second parameter. If it is present, then append the prefix to the query string, then add your parameter data to that. Set the prefix to " AND "
It's easier, tidier and more maintainable in .NET - at least you have arrays!